Thread: [Video] Man In The Middle (MITM) Attack (ettercap, metasploit, sbd)

  1. #1
    Senior Member BigMac's Avatar
    Join Date
    Jan 2008
    Posts
    213

    Nice video.
    I got a few videos somewhat related to this... take a look... I made a filter that would do the job instead of the use of dns plugin, but whatever works really is all that matters...

    Why did you use wine? Backtrack already has sbd, hmmm, I'm not sure about bt4f...

    www.irongeek.com/metasploits-meterpreter-with-mitm-and-an-ettercap-filter

    hacking Illustrated video on Vimeo

  2. #2
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Quote Originally Posted by g0tmi1k View Post
    Hey all!

    Using a few tools to gain access to command line on the target PC.

    What is this?
    By setting up a fake web site, we social engineer our target to run our exploit. The end result gives us command line access to our target's PC.

    How does this work?
    > Ettercap to do the MITM Attack
    > Metasploit for the exploit
    > Secure BackDoor (SBD) for the backdoor
    > Apache for the web server

    What do I need?
    > Ettercap
    > Metasploit
    > SBD (optional)
    > Web server
    *all of this is on backtrack 4*

    How to:
    Attacker's IP: 192.168.1.104
    Target's IP: 192.168.1.101
    Gateway IP: 192.168.1.1

    Notes:
    This is cut from my final video called "g0tmi1k's home network".

    Links
    Download: 3 - MITM.mp4
    Video: http://blip.tv/file/2319124
    Commands: http://pastebin.com/f614e420b

    Software
    Name: Ettercap
    Version: 0.7.3
    Home Page: ettercap
    Download Link: Download ettercap from SourceForge.net

    Name: Metasploit
    Version: 3.3
    Home Page: The Metasploit Project
    Download Link: http://spool.metasploit.com/releases/framework-3.2.tar.gz

    Name: SBD
    Version: 1.36
    Home Page: Tigerteam
    Download Link: http://packetstormsecurity.org/UNIX/netcat/sbd-1.36.tar.gz
    Source: http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=sbd



    ~g0tmi1k
    Your pastebin link links to bliptv (where it says "Sorry, this video has been removed from blip.tv by its owner.").
    dd if=/dev/swc666 of=/dev/wyze

  3. #3

    Quote Originally Posted by BigMac View Post
    Nice video.
    I got a few videos somewhat related to this... take a look... I made a filter that would do the job instead of the use of dns plugin, but whatever works really is all that matters...

    Why did you use wine? Backtrack already has sbd, hmmm, I'm not sure about bt4f...

    www.irongeek.com/metasploits-meterpreter-with-mitm-and-an-ettercap-filter

    hacking Illustrated video on Vimeo
    Thanks BigMac!
    I've just watched the vids, nice idea with the HTML injection instead of forcing them to visit our page...*I think I will use this next time *.
    Only problem with it is it says "Download file from: http://192.168.1.6/lan.exe". The 'joe bloggs' of computers will probably think nothing of it, but someone with a little bit of knowledge might flag it as "odd". Mine spoofs the DNS, therefore it says it could be http://site-they-try-and-vist.com/lan.exe. What would be better still is if it always said http://www.micorsoft.com/update/KB-16........exe. This is possible; all I would have to do is edit /var/www/index.html and tell it to point to it.

    Your other video helped me A LOT, so a big thank you again for it (=.
    What I would like to have known: what does that registry file do?
    *it was the reason why I made/started doing this vid*

    Yes, BT4PF does have SBD, but it's v0.5, which I found very buggy!
    I've compiled sbd 1.36, but I chose to use wine for the purpose of the video! Why...because I can :P

    @wyze
    Thanks for pointing that out, I completely missed that!
    ~ Have you, g0tmi1k? ~
    :rolleyes: <(^^,)> :p d[-_^]b (= =D-->--< :eek:
