Pastejacking is a technique is a method that malicious websites employ to take control of your computers’ clipboard and change its content to something harmful without your knowledge.
The target opens an HTML page served by the tool and this page has anything that makes the user wants to copy from it and paste into the terminal. Target copies anything from the page then in the background it gets replaced quickly with our liner. The user pastes into the terminal and before he notices that the line he copied has been changed : - The line gets executed by itself in the background (Without pressing enter) - The terminal gets cleared. - The user sees the terminal is usable again. - You already got your meterpreter session by this time. All of that happened in less than second
- For Linux :
git clone https://github.com/De3vil/PasteJacking.git
python3 -m pip install -r requirements.txt
python PasteJacking.py
For Windows:
git clone https://github.com/De3vil/PasteJacking.git
pip install -r requirements.txt
python PasteJacking.py
If this tool has been useful for you, feel free to thank me by buying me a coffee :)