Capture VNC Session of Remote PC using SEToolkit

Today in this article we are going to compromise the target through VNC payload attack. It is a very simple method for beginners.

In this tutorial, we will learn how to create a VNC payload using Social Engineering Toolkit. We will try to achieve the VNC shell of a victim’s PC.

Let’s Start!!!

Open a terminal in Kali Linux, and type “setoolkit” on it to start the Social Engineering Toolkit Framework. Select the first option to choose from the list of Social-Engineering Attacks.

Press ‘1’

To proceed further we will choose “Create a Payload and Listener” option.

Press ‘4’

This will show an arsenal of different payloads. As in this article, our focus is VNC, hence we will select the VNC payload.

Press ‘3’

Next Step requires an IP address on which the payload listener is to be started. In our case, it is 192.168.1.109(attacker’s IP) and after that, it will ask for the port for the reverse listener. In our case, it will be 4444

After setting up this, it starts generating VNC payload and save it under the highlighted path. Explore /root/.set/payload.exe. Send the payload.exe file to the target.

Further, it will ask to start payload listener Type “yes” and hit “Enter” this will start loading the Metasploit Framework.

After loading the Metasploit Framework, it runs the multi handler automatically; Now once the victim clicks on the payload file sent by the attacker, the attacker will get a VNC shell.

Great!!!!

Our VNC attack using set toolkit is successful and we received the victim’s VNC

shell on our system.

Author: Aarti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets. Contact here

Hack Remote PC using PSEXEC Injection in SET Toolkit

Target: Window Server

Attacker machine: Kali Linux

 In this article I am going to make PowerShell injection attack though SEToolkit; for this attack, it is necessary that SMB service must be running and you should aware of username and password of your target pc to get the Meterpreter session.

Let’s Begin The Game!!!

Scan the victim IP from NMAP by typing following command on the terminal in Kali Linux

Under version scan, it shows port 445 is open and if you are not aware from port protocol services then let me tell you that port 445 is used for SMB protocol for making communication between two different operating systems like as we have Linux and windows.

Now Click Applications > Exploitation Tools > Social Engineering Toolkit > setoolkit.

A new terminal gets open for the setoolkit framework and now you have to follow these steps for making an attack on the target.

From the screenshot, you can perceive that it through a menu to select the following approach for the attack.

Choose penetration testing (fast-track) and type2 for this method.

Fast-Track is an automated penetration suite for penetration testers. So from the next screenshot again we have following option, choose PSEXEC Powershell Injection and type 6 for it.

PSEXEC Powershell Injection Attack: This attack will inject a meterpreter backdoor through PowerShell memory injection. This will avoid Anti-Virus since we will never touch disk or memory. Will require Powershell to be installed on the remote victim machine. You can use either straight passwords or hash values.

Now give the following information to execute an attack on victim pc.

Enter remote IP as rhost: 192.168.1.104

Enter username: administrator

Enter password: [email protected]

 If you don’t know the domain name hit enter only for this and same for random select to a number of threads hit enter.

Enter listener IP as lhost: 192.168.1.3

Enter port number: 445

Now this will generate a payload for PowerShell injection and start loading Metasploit framework itself. From the below image, you will found that through alphabetic shellcode we have got meterpreter session1 open.

Now type sessions to view active session

Further Type sessions –I 1 to get inside meterpreter mode.

Meterpreter> sysinfo

{NOTE: This attack is depending upon the version of SMB PROTOCOL; if the version is updated of 2.1 then maybe this attack is not successful. Use aggressive scanning method for version detail.}

Author: Aarti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets. Contact here

Hack Gmail and Facebook of Remote PC using DNS Spoofing and SET Toolkit

First open your kali Linux application tab in Exploitation Tools and then chose SET Toolkit

Now choose option 1, “Social – Engineering Attacks” and Enter

Then choose option 2, “Website Attack Vectors” and Enter

After that choose option 3, “Credential Harvester Attack Method” and Enter

Now choose option 2 Site Cloner and press Enter

For Post back type your IP address and press Enter, After that type the website name you want to be Clone (in my case I am using gmail)

Cloned web page will be saving in /var/www Folder. As shown below.

Now move cloned files of fake page (e.g. Harvester, post & index.html) in /var/www/html folder.

Now right click on harvester .txt file and give read and write permission.

Now open etter.dns file which is in /etc/ettercap folder.

Modify the contents of the etter.dns and add your own pc IP address as A record.

Now Open Ettercap and go to Sniff and choose Unified sniffing.

Select you network interface (in my case interface is eth0)

Now go to hosts and select Scan for hosts. It will show you the connected PC in your network.

Select host list and select your Target after that click on Add to Target 1 (if you want to select more than 1 target then select the target again and click on Add to Target again)

Open Mitm option and select ARP poisoning…

It will give you a Pop up in which select the Sniff remote connection box and hit OK.

Select Plugins and choose Manage the plugins.

IN Plugins option double click on dns_spoof. (It will start DNS spoofing)

Click on start and select Start sniffing

Now, when the victim will open any web page, the page will redirect it to the Fake page you created.

When victim will put there Id & Password, will get all the details.

The Hacked ID & Password of Victim will get saved in /var/www/html/harvester.txt. As shown below.

Hack Remote PC using HTA Attack in SET Toolkit

The HTA Attack method will allow you to clone a site and perform PowerShell injection through HTA files which can be used for Windows-based PowerShell exploitation through the browser.

Our method for HTA attack is through setoolkit. For this, open setoolkit in your Kali. And from the menu given choose the first option by typing 1 to access social engineering tools.

From the next given menu, choose the second option by typing 2 to go into website attack vendors.

From the further given menu choose option 8 to select the HTA attack method.

Once you have selected the option 8 for HTA attack, next you need to select option 2 which will allow you to clone a site. Once selected the option 2, it will ask the URL of the site you want to clone. Provide the desired URL as here we have given ‘www.ignitetechnologies.in’.

After giving the URL it will ask you to select the type of meterpreter you want. Select the third one by typing 3.

Once you hit enter after typing 3, the process will start and you will have the handler (multi/handler)

Now convert your malicious IP into the bit.ly link which will appear more genuine to victims when you will share this link with them.

When the victim will browse above malicious link, the file will be saved and automatically executed in the victim’s PC after being saved; as shown in the image below:

Then you will have your meterpreter session. You can use the command ‘sysinfo’ to have the basic information about the victim’s PC.

Author: Pinky Deka is trained in Certified Ethical hacking and Bug Bounty Hunter. Connect with her here