Monday, 18 November 2013

Backtrack 5 : Ethical Hacking Tutorial

Stealing Files,Downloading Keystrokes,Controlling Webcam from remote Locations,ETC by Armitage.
Armitage is an GUI Platform for Metaspoilt and in technical terms,it is a script-able red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.It saves time and is very powerful in commencing Metaspoilt attacks.
So Now about our attack today : 

What Do We Need ?

Latest Metasploit framework.
Oracle Java 1.7
Preferably Internet on LAN
Brains and Patience.

Now Lets Us Start Our Hack Today.

Step 1 -Open armitage on Backtrack 5:

By Going To : Backtrack > Exploitation Tools > Network Exploitation Tools > Metasploit Framework > armitage.

Step 2 : Connect Armitage:

Click on the connect Button .

Step 3 : Connecting Armitage :

Now use the patience part,and stretch your legs,it takes some time to connect.

Step 4 :  Armitage Window :

It has 3 Panels -
Target Panel 
Module Panel
Tabs Panel 

Step 5 : Finding the alive host on the Network :

Now you will search for Host on you network,By Going to Hosts -> Nmap Scan -> Quick Scan (OS detect).This will perform a quick scan to detect the host and their operating systems and vulnerabilities.

Step 6 : Inputting The Scan Range :

Now You have to insert scan range,that is you LAN ip range,Most preferably it would start with 192.168.0.- or 10.0.0.-.NOTE : the ( - ) resembles the computers on LAN.
Start the Scan.

Step 7 : Scan Complete:

After the scan has completed,if their are any other PC's on your network on,then they would be visible in the Target Pane (the Big Black box on the upper right).

Step 8 : Finding Attacks :

Now the Fun Parts starts,Click on Attacks tab in your toolbar and select Find Attacks (Not hail mary,you might not be ready for that).Start the scan and wait till it completes.

Step 9 : Set the vulnerability :

Right Click on the Host icon (windows pc) -> Select attacks -> smb -> ms08_067_netapi  vulnerability . 
Now a window should pop,Click on the check-box that says "Use  a reverse connection" .
Start Attack

Step 10 : The Final Result :

So did the Host Icon Turn Red ? That Means YOU PASSED.

So You Did The Hacking Part Right,Now let us mess with the client.

Hack 1 - Opening Command Prompt :

Right click on the host -> Meterpreter1 ->Interact -> Command Shell 
Now You are In Their Command Prompt,You can now change,rename,delete,create files on their pc now.Search Google for some powerful windows commands.

Hack 2 - Start an KEYLOGGER :

Click on the Meterpreter2 -> Explore -> Log Keystrokes.
Now you will receive what the victim is typing.

Hack 3 - Take An Screen Shot :

Click on the Meterpreter2 -> Explore ->Screenshot.
Now you can see what is on their Facebook wall or Google mail accounts.

Hack 4 -Browse Files :

Right click -> Meterpreter2 -> Explore > Browse Files .
Now you can interact with all the files on victim PC via a GUI.

Hack 5 - Get in His Webcam (my favorite part).

Right click -> Meterpreter2 ->Explore -> Webcam shot
Catch that guy making out ,and have fun with him later.
So did you passed or failed ? or did you spotted any typing mistakes,or have any questions ? then comment on the comment section BELOW. And don't forget to check out my brother Tahir Siddiqui's blog : http://webtify.com/ ,he has some pretty good stuff there about Facebook,adsense,and other tweaks,check it out.

1 comment:

  1. Do you need to increase your credit score?
    Do you intend to upgrade your school grade?
    Do you want to hack your cheating spouse Email, whatsapp, Facebook, instagram or any social network?
    Do you need any information concerning any database.
    Do you need to retrieve deleted files?
    Do you need to clear your criminal records or DMV?
    Do you want to remove any site or link from any blog?
    you should contact this hacker, he is reliable and good at the hack jobs..
    contact : cybergoldenhacker at gmail dot com

    ReplyDelete