Watch video on-line: http://g0tmi1k.blip.tv/file/3622179
Download video: http://www.mediafire.com/?kz0zyde3gjt
Download Script (metasploit-fakeUpdate[v0.1.4].tar.gz)
What is this?
This is a bash script to automate 'Manning in the Middle' to 'pwn' whoever it can, via giving them a "Fake Update" screen. The attack is transparent (allowing the target to afterwards surf the inter-webs once they have been exploited!), and the payload is either SBD (Secure BackDoor - similar to netcat!), VNC (remote desktop) or whatever the attacker wishes to use.
How does this work?
> Sets up a DHCP and web server
> Creates an exploit with metasploit.
> Waits for the target to connect, download and run the exploit.
> Once successfully exploited it grants access to allow the target to surf the inter-webs.
> Uploads a backdoor; SBD or VNC, via the exploit
> The attacker has the option to run a few 'sniffing' programs (from the dnsiff suite) to watch what the target does!
What do I need?
> A network with client
> An Internet connection (though you could modify it so its non transparent)
> dhcpd3, apache, metasploit, dnsiff suite --- All on BackTrack
> The script! metasploit-fakeUpdate[v0.1.4].tar.gz (489 KB, SHA1: aac4554f2d09e2a3f1b1061abe3759d445771b5e)
Whats in the tar.gz?
> metasploit-fakeUpdate.sh --- Bash script
> www/index.php --- The page the target is forced to see before they have access to the Internet.
> www/sbd.exe --- SBD Backdoor
> www/winvnc.exe, vnchooks.dll, vnc.reg --- VNC Backdoor
> www/Linux.jpg, OSX.jpg, Windows.jpg --- OS Pictures
> www/favicon.ico, animated_favicon1.gif --- FavIcons
How to use it?
1.) Extract the tar.gz file (
via tar zxf metasploit-fakeUpdate[v0.1.4].tar.gz)
2.) Copy the "www" folder to /var/www (cp www/* /var/www/)
3.) Make sure to "Start Network" and to have an IP address. (via start-network and dhclient [Internet Interface])
4.) Edit metasploit-fakeupdate.sh with your "internet"interface. (You can view your interfaces via ifconfig and use kate to edit the file.)
5.) bash metasploit-fakeupdate.sh (don't forget to be in the correct folder!)
6.) Wait for a connection...
7.) ...Game Over.
tar zxf metasploit-fakeUpdate\[v0.1.4\].tar.gz
cp www/* /var/www