Backdooring RDPs with Self-Extracting Archives (SFX). Part 1
Introduction

The other day, I saw a post by Jai Minton on the CrowdStrike blog describing how the CrowdStrike team found an intrusion that started with the use of a seemingly empty SFX archive. After reading the post, which I recommend you do as well, I was curious about how it worked and wanted to be able to replicate it, hence this post is based on how to perform an attack of this type....