[hackthebox]Jeeves

Introduction: Jeeves is a machine that is rated easy. It is hacked by exploiting unauthenticated use of the Jeeves dashboard. A Java reverse shell is executed in Jeeves' console script (where Groovy script can be run for troubleshooting) and a reverse connection is made back to my netcat server. Once the reverse connection is …

Social Engineering Toolkit and Metasploit: Web cloning attack and uploading a backdoor

Creating a persistent backdoor. Afterword: Modern antivirus programs are capable of detecting such a backdoor and can even prevent the download of the encoded payload onto the victim's machine; a payload encoded by shikata_ga_nai 4 times is not enough to evade most modern antivirus programs. In the past I used to click and execute unknown java …

Metasploit and Social Engineering Toolkit: Kill Antivirus (eg. AVG2012)

Metasploit is packaged with the killav script, but this script only kills avgrsx.exe, which will respawn after the process is terminated. AVG has a program known as the watchdog, avgwdsvc.exe, which ensures that a terminated AVG process is respawned; this makes killing the antivirus difficult. The AVG IDS agent program cannot be terminated by any privileges which …

Metasploit and Social engineering toolkit: Bypass firewall and antivirus detection

Social engineering is a technique used to exploit human weakness as an attack vector. The way to prevent human weakness as an attack vector is through policy, and you must practise what you preach; without adhering to policy you will be a victim of social engineering. Social engineering toolkit is a program by David Kennedy …

Metasploit: Post exploitation with meterpreter

Exploit and payload preparation. Start the exploit. Post exploitation: Understand the exploited environment. Whoami. What is the machine? Which process has meterpreter attached to? Post exploitation: Using script to enhance your finding. Is this a real machine or virtual machine? What is the user doing now? Can I see it? A screenshot will pop up. …

Metasploit: About Meterpreter

Meterpreter is a tool that is packaged together with the Metasploit framework. The features of Meterpreter are: 1. It does not create any files on the hard disk; it resides in memory and attaches itself to a process. 2. Client-server communication is in type-length-value (TLV) format. 3. Client-server communication between attacker machine and victim …