PDA

View Full Version : only_sslstrip_to_have_credentials.avi



zimmaro
10-01-2011, 02:54 AM
hi, guys
to make the "new" Simple + long + boring(+perhaps unnecessary) videos to use ONLY sslstrip [in bt5r1-kde32 (kernel 2.6.39.4)] to sniff the credentials in my virtual lan.
about half of my videos ie explorer (XPSP3) have a little crash! (sorry):)
I even forgot to copy the facebook login (correctly sniffed in the writeoutput sslstrip [sniff] (sorry):)


ps: I'm using fake credential in the video, but the real ones I tested and the result is The Same:)

if you want to watch: http://vimeo.com/29855807
thanks by zimmaro

mudexhack
10-01-2011, 07:14 PM
ello
I would like to ask a question
every time I enter the msfconsole
I have to do this = http://www.backtrack-linux.org/wiki/index.php/Metasploit_Framework_MySQL
how to put comfig forever


thanks

zimmaro
10-02-2011, 03:17 PM
hi mudexhack
but your reply is not inherent to this video!!!
however, if I understand the question: Do you want to use the Metasploit_console if you open the terminal & write msfconsole ( the wiki if you read need to enable the mysql database INSIDE msfconsole!:) msfconsole is not only db_...but much more!!:)
I hope to have understood the question bye zimmaro

YaKhOo
10-05-2011, 07:29 PM
hi
thanks Zimmaro for all the work around bt5
was very instructive ans very helpful to read and see what have you one :)

mudexhack google on old metasploit bolg msfconsole.rc file BUT in backtrack 5 you dont need to do this the db is postgresql up and runing at boot time you have just to launche msf an to confirme if you are connected use the command db_status and Open your eyes

mudexhack
10-06-2011, 11:04 AM
you're right, my question has nothing to do with this video, sorry :o

you do not quite understand my question...
priate I go into msfconsole, I have the hassle of connecting to the database,,, whenever I log in metasploit, always

I am looking for a metodo.que can stay connected without me having to write,
msf >db_driver mysql
Using database driver mysql
msf > db_connect root:toor@127.0.0.1/msf3
msf >


I hope I have explained
excuse the inconvenience

zimmaro
10-07-2011, 07:38 AM
hi, mudexhack.....(I think we should move the "theme" in the appropriate section)however:
in MY bt5r1 update & upgrade today.not needed more to write the string db_connect .......
-my MYSQL automatic start-up-every reboot (or press the button / backtrack / service if you dont want to write :service mysql start)
-root@bt:~# msfconsole

# cowsay++
____________
< metasploit >
------------
\ ,__,
\ (oo)____
(__) )\
||--|| *


=[ metasploit v4.0.1-dev [core:4.0 api:1.0]
+ -- --=[ 737 exploits - 378 auxiliary - 85 post
+ -- --=[ 228 payloads - 27 encoders - 8 nops
=[ svn r13820 updated today (2011.10.06)

msf > db_driver mysql
Using database driver mysql
msf > hosts

Hosts
=====

address mac name os_name os_flavor os_sp purpose info comments
------- --- ---- ------- --------- ----- ------- ---- --------
192.168.1.1 00:25:53:45:AF:E1 alicegate.homenet.telecomitalia.it
192.168.1.253 00:0C:6E:B0:19:30 ---.homenet.telecomitalia.it

msf > db_autopwn -p -q -e -R great 192.168.1.253 (IF YOU WANT TO USE AUTOPWN) or
(1/214 [0 sessions]): Launching exploit/bsdi/softcart/mercantec_softcart against 192.168.1.1:80...
(2/214 [0 sessions]): Launching exploit/linux/http/ddwrt_cgibin_exec against 192.168.1.1:80...
(3/214 [0 sessions]): Launch..........



also the postgresql database is now already "" preloaded "" to the same method!
someone from the forum would be able to create a "" script "" which come up to here!
I am not able (I struggle to remember my name and my age :):)). I do not know if it's worth it!
bye!:)

mudexhack
10-07-2011, 10:42 AM
OK
thanks for the help
I'm really grateful...
I will be careful not to post more in the wrong places :o:o:o
rsrsrs