[Script] [Video] metasploit-FakeUpdate (v0.1.1)

[g0tmi1k]

Hello,

I am actually having the same issue I had with previous scripts, which led me to apply the whole thing manually, which I am certainly not opposed to, but the scripts you make, GotM1ilk, are quite nice and I do enjoy the way they are coded, quite nice work.

My issue is that once the "target" downloads the file, and a response on my BTBOX acknowledges that the application has been run and sending stage, it just gets stuck there.

Using the VNC tool for the file to upload.

You ARE opposed to do this manually BEFORE running this script (or any script for that matter!). The reason is because, you'll have a better idea what is happening/understanding. The script is only meant to save time for people that know whats what.

A few people are having this issue....
Are you running in VM?
Try and do the attack without doing MITM. Does it then work?
Firewall?
Which OS are you running (attacker and target)?
Whats happening if you look using Wireshark?

[RexBudman]

Lol, Thankyou for the reply m1lk.

I am sorry If I sounded unclear. I am not worried about having to run attacks manually, they are the better option in my opinion and alot more fun. But when one see's the wonderful scripts you make I feel that I want to use those too!

Ok down to the issue.
I am running out of a duel booted BT box, I have alot of space to play with.

Windows firewall is up, am trying to penetrate it.

I will run the attack tonioght when I get home without running a MITM.

Attacker on BT Target running up to date Windows 7 (I realize it is new and secured to old exploits, but I cam to the comclusion the exe would do the work on opening up the pathway)

I will also have to get back to you in regards to Wireshark, I will have to analyze the packets, wich I should have done prior but being strapped for time does not help.

m1lk, Thankyou again for taking the time to code, and time to post tut's with vids. They are not only greatly appreciated but greatly educational, and above all extremley fun! Thanks to many things I have learned on this site I have been able to provide a hobby service to my peers in securing their networks, and your tuts and vids are no exception. Thankyou.

[g0tmi1k]

Lol, Thankyou for the reply m1lk.

I am sorry If I sounded unclear. I am not worried about having to run attacks manually, they are the better option in my opinion and alot more fun. But when one see's the wonderful scripts you make I feel that I want to use those too!

Ok down to the issue.
I am running out of a duel booted BT box, I have alot of space to play with.

Windows firewall is up, am trying to penetrate it.

I will run the attack tonioght when I get home without running a MITM.

Attacker on BT Target running up to date Windows 7 (I realize it is new and secured to old exploits, but I cam to the comclusion the exe would do the work on opening up the pathway)

I will also have to get back to you in regards to Wireshark, I will have to analyze the packets, wich I should have done prior but being strapped for time does not help.

m1lk, Thankyou again for taking the time to code, and time to post tut's with vids. They are not only greatly appreciated but greatly educational, and above all extremley fun! Thanks to many things I have learned on this site I have been able to provide a hobby service to my peers in securing their networks, and your tuts and vids are no exception. Thankyou.

ooo yes, there is alot more "fun" to be had doing it manually, there is a limit on how much you can automate and code in a certain time frame

I would like to point out again, this is a old script! I've start work on the new version (which has completely new "internals/framework"), which will have the functions of this, as well as a few other script which I never released! (=

I believe your right, when the target runs the exploit file, doesn't matter which OS they are running, it opens them up (=
*Only different is Windows Vista/7 has UAC & Better built in firewalls etc!*

Yes, using Wireshark to debug the problem takes up time, but it does give a better "picture" of what exactly is going on/the problem!
If I could the same problem/issue that you're having I would be able to help more on this matter
You're in no rush, only do it when can.

Really, Thank you very much for your kind words. It's great to know my work isn't going waste, and its why I keep on making new stuff (=

[christofarian]

im having a problem ive tried on a windows xp machine and a windows 7 mahcine. i get the script running from my completly seperate BT4 machine . .it gets to the point where it says waiting to connect. but when i go open the browser on the target machine nothing is aked to be downloaded. ive tried with the firewall on and off. any suggestions.

[christofarian]

i got it working i actually forgot to uncomment my ipcains in my etter.conf file. but liek some others it jsut asks to download a 1kb file that dosen't open in anyhting . but if i go to the site directly ittl download the and execute fine. jsut the matter of getting it to go to the right page on launch

[g0tmi1k]

im having a problem ive tried on a windows xp machine and a windows 7 mahcine. i get the script running from my completly seperate BT4 machine . .it gets to the point where it says waiting to connect. but when i go open the browser on the target machine nothing is aked to be downloaded. ive tried with the firewall on and off. any suggestions.

i got it working i actually forgot to uncomment my ipcains in my etter.conf file. but liek some others it jsut asks to download a 1kb file that dosen't open in anyhting . but if i go to the site directly ittl download the and execute fine. jsut the matter of getting it to go to the right page on launch

This (metasploit-fakeUpdate) has been discontinued. It's currently being replace by another script (SITM), which will be able to do this ("better") as well as a few other ideas/scripts I've got.

Anyway,it sounds like you need to edit/update the index page to fix the download link.

[christofarian]

how would i go about updateing the index page . . i have played around with your SITM also looks good so far, i went to your google code page. i would really like to get this script to work while waiting for SITM to be complete

[christofarian]

i think you mis understood me. its not like i even get the browser to redirect to the correct page. as soon as i open my web browser or go to a site thats not cached a save file dialog box opens with a 1 kb file in it that dosent open in anything. if i go to facebook.com ittl go open a file called facebook_com something like that. and everypage you go to after that will not redirect you to the fake index.php on my apache server.

[4rsenicninj4]

@ christofarian
When this happens, go into your /var/www/ directory and delete index.html.old, then try it.

[christofarian]

There is no index.html.old theres an index.html and an index.php