[Video] Man In The Middle (MITM) Attack (ettercap, metasploit, sbd)

nice video :)
I got a few videos some what related to this... take a look... i made a filter that would do the job instead of the use of dns plugin but what ever works really is all that matters...

why did you use wine? backtrack already has sbd, hmmm im not sure about bt4f...

www.irongeek.com/metasploits-meterpreter-with-mitm-and-an-ettercap-filter

hacking Illustrated video on Vimeo

Quote:

---

Originally Posted by g0tmi1k

Hey all!

Using a few tools to gain access to command line on the target PC.

What is this?
By setting up a fake web site, we social engineer our target to run our exploit. The end result gives us command line access to our target's PC.

How does this work?
> Ettercap to do the MITM Attack
> Metasploit for the exploit
> Secure BackDoor (SBD) for the backdoor
> Apache for the web server

What do I need?
> Ettercap
> Metasploit
> SBD (optional)
> Web server
*all of this is on backtrack 4*

How to:
Attackers IP: 192.168.1.104
Targets IP: 192.168.1.101
Gateway IP: 192.168.1.1

Notes:
This is cut from my final video called "g0tmi1k's home network".

Links
Download: 3 - MITM.mp4
Video: http://blip.tv/file/2319124
Commands: http://pastebin.com/f614e420b

Software
Name: Ettercap
Version: 0.7.3
Home Page: ettercap
Download Link: Download ettercap from SourceForge.net

Name: Metasploit
Version: 3.3
Home Page: The Metasploit Project
Download Link: http://spool.metasploit.com/releases/framework-3.2.tar.gz

Name: SBD
Version: 1.36
Home Page: Tigerteam
Download Link: http://packetstormsecurity.org/UNIX/netcat/sbd-1.36.tar.gz
Source: http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=sbd



~g0tmi1k

---

Your pastebin link, links to bliptv (where it says Sorry, this video has been removed from blip.tv by its owner.

Quote:

---

Originally Posted by BigMac

nice video :)
I got a few videos some what related to this... take a look... i made a filter that would do the job instead of the use of dns plugin but what ever works really is all that matters...

why did you use wine? backtrack already has sbd, hmmm im not sure about bt4f...

www.irongeek.com/metasploits-meterpreter-with-mitm-and-an-ettercap-filter

hacking Illustrated video on Vimeo

---

Thanks BigMac!
Ive just watch the vids, nice idea with the HTML injection instead of forcing them to vist our page...*I think I will use this next time ;)*.
Only problem with it it says "Download file from: http://192.168.1.6/lan.exe", the 'joe bloggs' of computers will probably think nothing of it, but someone with a little bit of known-age might flag it as "odd", mine spoofs the DNS - therefore it says it could be http://site-they-try-and-vist.com/lan.exe. What would be better still it if it always said http://www.micorsoft.com/update/KB-16........exe, this is possible, all I would have to do, is edit /var/www/index.html, and tell it to point to it ;)

Your other video help me ALOT :) So a big thank you again for it (=.
Would I would like to of known, what does that registry file do?
*it was the reason why I made/started doing this vid*

Yes BT4PF does have SBD - but its v0.5, which I found very buggy!
Ive compiled sbd 1.36, but I choose to use wine for the purpose of the video! Why...because I can :P

@wyze
Thanks for pointing that out, I completely missed that!