Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 31

Thread: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

  1. #11
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

    Quote Originally Posted by intertan View Post
    having a problem
    my setup bt4 final VM with current updates
    xp pro with all updates

    now do I set the interface (wlan0 in my case) and that is it?
    I have tested it with my windows 7 box and got a 404 not found error page but my xp box does nothing, can still surf.

    update I was using vnc but switched back to sbd and now my xp box has the 404 not found.
    If your target is connected to you on wlan0, then use wlan0!
    Have you check the arp table on the targets?
    Are you trying to attack a computer which is hosting the VM? I had problems when doing this. Try in another VM, or a whole new PC.

    and when you say "404" error, what URL are you trying to view? Because it only works with top level domain. You will need to modify apahce2 I believe if you want it to work with sub-domains, subfolders kinda deal! *its on the to-do list*
    Have you...g0tmi1k?

  2. #12
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

    v0.1.4
    + Added arguments
    + Can detect and uses broadcast address if needed
    + Checks for superuser
    + Checks interfaces/paths/files exists
    + Randomizes ports each time
    + Reversed the VNC connection
    + Stops and removes any existent backdoors
    + Stops any services and/or programs currently running
    + Uses “msfencode” - to prevent detection
    + Webpage now has a "favicon"
    > Fix a few minor features - Couple of silly typos
    > General code improvements
    > Improved "clean up" code
    > Improved checking the targets IP Address
    > Renamed the backdoor files
    > Renamed the output windows
    > Updated the help message
    > Waits a little bit longer in places
    Have you...g0tmi1k?

  3. #13
    Just burned his ISO erdmaennchen's Avatar
    Join Date
    Jul 2010
    Posts
    15

    Default Re: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

    Sry but your script doesn't work for me. I think the exploit u use in the script doesn't work anymore, because instead of a dialog if i want to download the "update" i get from both browsers, firefox and ie, a dialog to save a file which is only 1kb big and has no fileformat. The site with the windows update warning doesn't appear.

    Tested with WINXP SP3, with all updates, no av, no fw, newest firefox, newest ie.

    Any idea?

    greets

  4. #14
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

    Quote Originally Posted by erdmaennchen View Post
    Sry but your script doesn't work for me. I think the exploit u use in the script doesn't work anymore, because instead of a dialog if i want to download the "update" i get from both browsers, firefox and ie, a dialog to save a file which is only 1kb big and has no fileformat. The site with the windows update warning doesn't appear.

    Tested with WINXP SP3, with all updates, no av, no fw, newest firefox, newest ie.

    Any idea?

    greets
    What if you open the file up with notepad?
    What if you type in: http://[IP address]/Windows-KB183905-x86-ENU.exe <--- Could be a DNS fault.
    Have you...g0tmi1k?

  5. #15
    Just burned his ISO erdmaennchen's Avatar
    Join Date
    Jul 2010
    Posts
    15

    Default Re: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

    Hey.

    The file is empty, so think anything happens wrong while the attack.
    It could be a dns fault, can't test now, but i wonder that I don't see this fake website. For you understanding, I work with Virtualbox, and bridged both machines (BT4 & WINXPSP3), so that I have direct network access. The dnsspoof seems to work because my real WIN7 machine was redirected when I open up a website e.x. in firefox. So that works.

    Greets

  6. #16
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

    Quote Originally Posted by erdmaennchen View Post
    Hey.

    The file is empty, so think anything happens wrong while the attack.
    It could be a dns fault, can't test now, but i wonder that I don't see this fake website. For you understanding, I work with Virtualbox, and bridged both machines (BT4 & WINXPSP3), so that I have direct network access. The dnsspoof seems to work because my real WIN7 machine was redirected when I open up a website e.x. in firefox. So that works.

    Greets
    Hello,
    What file is empty? The file that the target downloads? Hmmm
    Could you open it with notepad? Could you check in BackTrack that its there.
    This script is due for a huge update - just gotta do a few other things first...
    Have you...g0tmi1k?

  7. #17
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    16

    Default Re: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

    I think i found the problem.
    There isnt a index.html file in the metasploit-FakeUpdate www map.

    c

  8. #18
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    16

    Default Re: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

    When i try using explorer or firefox i also get a dialog box asking me to safe a file.
    Opening it with notepad shows the source of the index.html (php)

    When entering http://[IP address]/Windows-KB183905-x86-ENU.exe on the victims machine, you get the exe download and it gets executed.

    A session is created and shell.So that works perfectly.

    Hows the update goin?

    c

  9. #19
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

    Quote Originally Posted by Corleone View Post
    I think i found the problem.
    There isnt a index.html file in the metasploit-FakeUpdate www map.

    c
    That would be a problem!

    Quote Originally Posted by Corleone View Post
    When i try using explorer or firefox i also get a dialog box asking me to safe a file.
    Opening it with notepad shows the source of the index.html (php)

    When entering http://[IP address]/Windows-KB183905-x86-ENU.exe on the victims machine, you get the exe download and it gets executed.

    A session is created and shell.So that works perfectly.

    Hows the update goin?

    c
    I can remember fakeAP_pwn 0.2 having the same issue, though right now, I cant remember the fix
    Anyway - this script will soon being replace!
    *I was waiting on fakeAP_pwn 0.3 to be done before I carried on with the update to this! Its next on my todo list! *
    Have you...g0tmi1k?

  10. #20
    Junior Member
    Join Date
    Aug 2010
    Posts
    48

    Default Re: [Script] [Video] metasploit-FakeUpdate (v0.1.1)

    Hello,

    I am actually having the same issue I had with previous scripts, which led me to apply the whole thing manually, which I am certainly not opposed to, but the scripts you make, GotM1ilk, are quite nice and I do enjoy the way they are coded, quite nice work.

    My issue is that once the "target" downloads the file, and a response on my BTBOX acknowledges that the application has been run and sending stage, it just gets stuck there.

    Using the VNC tool for the file to upload.

Page 2 of 4 FirstFirst 1234 LastLast

Similar Threads

  1. [Video] Messing with Metasploit
    By g0tmi1k in forum BackTrack Videos
    Replies: 15
    Last Post: 10-10-2010, 05:14 PM
  2. [Script] [Video] FakeAP_pwn (v0.2.1)
    By g0tmi1k in forum BackTrack Videos
    Replies: 184
    Last Post: 09-02-2010, 11:01 AM
  3. [Video] Messing with Metasploit
    By imported_g0tmi1k in forum OLD BackTrack 4 Howto
    Replies: 1
    Last Post: 03-19-2010, 12:30 PM
  4. Metasploit latest video
    By imported_mzer0 in forum OLD Pentesting
    Replies: 5
    Last Post: 09-14-2009, 09:43 PM
  5. metasploit vunerablilty script?
    By luca662 in forum OLD Pentesting
    Replies: 6
    Last Post: 10-05-2008, 01:58 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •