Shulou(Shulou.com)06/01 Report--

Hello everyone, I am your good friend, redbull, today to tell you about the use of beef and msf, and then use ettercap to deceive the host, login to any website, can be crawled.

The main purpose is to conduct tests. I hope you will not do any malicious damage. I am not responsible at all.

All right, let's start our operation next. Let's watch me operate.

Testing machine: kali being tested machine: windows series

As a first step, let's start configuring some configuration files for beef

Here we mainly modify the config.yaml configuration file. The metasploit option in it is changed from false to true by default.

Modify the options in host and call_back in this configuration to change all the hosts to the ip addresses of our current kali machines.

These two commands are to open the database connection

Then our machine Kai opened the metasploit to connect our beef to see if the configuration was successful.

Measploit turned on by default

It proves that we have made a match.

Next, we can open beef.

-x means to execute.

The default is beef.

This is a host that is not online. If we set it up later, there will be an online host.

Let's set up the tab displayed to open our URL and we know that we have opened this URL.

Let's start the apache.

I think everyone should see very clearly, this is the mainframe should be online. We can do some operations on the mainframe at this time.

Then it's time to configure the ettercap option.

In front is * .com An our own ip

To deceive all ip, as long as the other party enters a website with a suffix of com and org, it will be hit.

We are going to make a filter to cheat. This is an important point in etteercap. If not, please go to the wall automatically.

The code inside is not particularly difficult, if there is no host login web page, display zapp this line, if there is a login to show filter this line. The main purpose of this generation is to verify a http header for detection.

Http://blog.csdn.net/jhonguy/article/details/7494858 this has all the filters, you can refer to.

This means that we have successfully filtered.

At this time, we have caught some hosts, and then we can do a demonstration to log in to see if beef can catch some hosts.

We use other hosts to log in, let's see if we can grab it, because we are on the intranet, so all machines can be crawled if they log in. The ip we chose is 6 as the host.

The other machine is a little stuck right now. Wait a minute.

We successfully grabbed this mainframe.

And then we're grabbing one to verify it.

I was wrong about the last rule. The redbull.filter I set was not used, so we opened it again.

We opened Baidu and the host came online again, proving that our sniffing was successful.

It shows that the filter line is, which proves that we have also succeeded. This is that we need to cooperate with the msf tool to carry out buffer overflow to carry out *.

What did I say just now? there is no overflow in the metasploit module of the browser. Our path is not set.

And then we're configuring it now.

It needs to be configured here so that we can connect. It will be in the browser.

Use exploit/windows/browser/ie_execcommand_uaf

When the time comes to overflow, we will use this ie overflow to use metasploit, and then you can see what I do. Sometimes we can also try it on the intranet. System overflow vulnerabilities, such as ms08-067, may not be rewarded.

Here we put the generated address in our beef to execute. See if it works, because the target is a xp sp3 machine, the overflow success may be a little higher.

A process is such a process that, if it succeeds, it will return a payload that we have set up, and we can do something in it.

That's all for today's video. In the past, I saw some videos that were mainly single, but today we got them together, and then we made a video. There are not too many videos in front of us. Combine these tools. I'll give you a combination, and then it looks like you don't have to work so hard to find other tutorials.

Thank you for watching.

In order to guarantee http://pan.baidu.com/s/1c0cq8k4

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.