Thread: Help! Questions about Exploitation Attacks

  1. #1
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    1

    Help! Questions about Exploitation Attacks

    I would like to know if there are any tools that I can
    use to launch encrypted attacks against a
    Windows-based machine. I'm writing an analytical research paper
    about eEye Digital Security's Blink Endpoint
    Vulnerability System and want to test Blink's
    effectiveness (or ineffectiveness) at detecting an
    attack that has been encrypted. I need a tool that can
    run on a Windows XP machine and that comes with its
    own exploits. Then I'll need to figure out how to
    encrypt the attack.

    I'm sure you already figured out that I am not a
    "techie". I'm a beginner, so please simplify your
    answers and/or provide URL links to tools that you
    recommend.

    Thanks in advance,
    MssLee

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Metasploit runs on Windows.

  3. #3
    thorin (My life is this forum)
    Join Date
    Jan 2010
    Posts
    2,629

    You might be able to do something with CryptCat (encrypted NetCat).
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  4. #4

    Quote, originally posted by thorin:
    You might be able to do something with CryptCat (encrypted NetCat).

    Is there a specific reason it must be encrypted, or do you want to just do evasion?

    If it's just evasion then Metasploit should get you started. If I were doing it, I'd run some public DCOM code to see if it triggers, then use Metasploit, which does some basic evasion by default, and see if that triggers, then start playing with the evasion options.

    msf exploit(ms03_026_dcom) > show evasion

    Module evasion options:

    Name : DCERPC::fake_bind_multi
    Current Setting: True
    Description : Use multi-context bind calls

    Name : DCERPC::fake_bind_multi_append
    Current Setting: 0
    Description : Set the number of UUIDs to append the target

    Name : DCERPC::fake_bind_multi_prepend
    Current Setting: 0
    Description : Set the number of UUIDs to prepend before the target

    Name : DCERPC::max_frag_size
    Current Setting: 4096
    Description : Set the DCERPC packet fragmentation size

    Name : DCERPC::smb_pipeio
    Current Setting: rw
    Description : Use a different delivery method for accessing named pipes
    (accepted: rw, trans)

    Name : TCP::max_send_size
    Current Setting: 0
    Description : Maxiumum tcp segment size. (0 = disable)

    Name : TCP::send_delay
    Current Setting: 0
    Description : Delays inserted before every send. (0 = disable)


    msf exploit(ms03_026_dcom) >
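
Added example, not part of the thread or of any product discussed in it: for testing a sensor against the "multi-context bind calls" option listed above, this shows the check a detector has to make, namely reading the interface UUID of every context item in a DCE/RPC bind PDU rather than only the first. `WATCHED_IF`, the function names and the `max_contexts` threshold are assumptions made for illustration, and the sample PDUs are constructed.

```python
import struct
import uuid

# Constructed placeholder for the interface UUID a sensor rule watches (assumption).
WATCHED_IF = uuid.UUID("11111111-2222-3333-4444-555555555555")
NDR_SYNTAX = uuid.UUID("8a885d04-1ceb-11c9-9fe8-08002b104860")  # NDR transfer syntax

def _uuid(raw, little):
    return uuid.UUID(bytes_le=raw) if little else uuid.UUID(bytes=raw)

def bind_interfaces(pdu):
    """Return the abstract-syntax UUID of every context item in a bind PDU."""
    if len(pdu) < 28 or pdu[0] != 5 or pdu[2] != 11:   # version 5, ptype 11 = bind
        raise ValueError("not a DCE/RPC bind PDU")
    little = bool(pdu[4] & 0x10)                       # drep: integer byte order
    frag_len, = struct.unpack_from(("<" if little else ">") + "H", pdu, 8)
    if frag_len > len(pdu):
        raise ValueError("truncated PDU")
    off, found = 28, []                                # context items start at 28
    for _ in range(pdu[24]):                           # pdu[24] = n_context_elem
        if off + 24 > frag_len:
            raise ValueError("context list overruns fragment")
        n_syn = pdu[off + 2]                           # transfer syntaxes offered
        found.append(_uuid(pdu[off + 4:off + 20], little))
        off += 24 + 20 * n_syn                         # skip to next context item
    return found

def inspect_bind(pdu, max_contexts=4):
    """Compare a first-item-only rule with one that walks the whole list."""
    ifs = bind_interfaces(pdu)
    return {
        "first_only_match": bool(ifs) and ifs[0] == WATCHED_IF,
        "any_match": WATCHED_IF in ifs,
        "context_count": len(ifs),
        "suspicious_count": len(ifs) > max_contexts,   # arbitrary example threshold
    }

def sample_bind(if_uuids):
    """Build a constructed little-endian bind PDU used as test input."""
    body = struct.pack("<HHIBBH", 4096, 4096, 0, len(if_uuids), 0, 0)
    for i, u in enumerate(if_uuids):
        body += struct.pack("<HBB", i, 1, 0) + u.bytes_le + struct.pack("<I", 0)
        body += NDR_SYNTAX.bytes_le + struct.pack("<I", 2)
    hdr = struct.pack("<BBBB4sHHI", 5, 0, 11, 3, b"\x10\x00\x00\x00",
                      16 + len(body), 0, 1)
    return hdr + body
```

A rule that reports `any_match` together with `context_count` catches the bind regardless of where the watched interface sits in the list; fragmentation (`DCERPC::max_frag_size`) is a separate case that needs reassembly before this check runs.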
