Results 1 to 7 of 7

Thread: only_sslstrip_to_have_credentials.avi

Hybrid View

  1. #1
    Good friend of the forums zimmaro's Avatar
    Join Date
    Mar 2010
    Location
    milano
    Posts
    407

    Default only_sslstrip_to_have_credentials.avi

    hi, guys
    to make the "new" Simple + long + boring(+perhaps unnecessary) videos to use ONLY sslstrip [in bt5r1-kde32 (kernel 2.6.39.4)] to sniff the credentials in my virtual lan.
    about half of my videos ie explorer (XPSP3) have a little crash! (sorry)
    I even forgot to copy the facebook login (correctly sniffed in the writeoutput sslstrip [sniff] (sorry)


    ps: I'm using fake credential in the video, but the real ones I tested and the result is The Same

    if you want to watch: http://vimeo.com/29855807
    thanks by zimmaro

  2. #2
    Just burned his ISO
    Join Date
    Aug 2011
    Posts
    6

    Default Re: only_sslstrip_to_have_credentials.avi

    ello
    I would like to ask a question
    every time I enter the msfconsole
    I have to do this = http://www.backtrack-linux.org/wiki/...ramework_MySQL
    how to put comfig forever


    thanks

  3. #3
    Good friend of the forums zimmaro's Avatar
    Join Date
    Mar 2010
    Location
    milano
    Posts
    407

    Default Re: only_sslstrip_to_have_credentials.avi

    hi mudexhack
    but your reply is not inherent to this video!!!
    however, if I understand the question: Do you want to use the Metasploit_console if you open the terminal & write msfconsole ( the wiki if you read need to enable the mysql database INSIDE msfconsole! msfconsole is not only db_...but much more!!
    I hope to have understood the question bye zimmaro

  4. #4
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    6

    Default Re : only_sslstrip_to_have_credentials.avi

    hi
    thanks Zimmaro for all the work around bt5
    was very instructive ans very helpful to read and see what have you one

    mudexhack google on old metasploit bolg msfconsole.rc file BUT in backtrack 5 you dont need to do this the db is postgresql up and runing at boot time you have just to launche msf an to confirme if you are connected use the command db_status and Open your eyes

  5. #5
    Just burned his ISO
    Join Date
    Aug 2011
    Posts
    6

    Default Re: only_sslstrip_to_have_credentials.avi

    you're right, my question has nothing to do with this video, sorry

    you do not quite understand my question...
    priate I go into msfconsole, I have the hassle of connecting to the database,,, whenever I log in metasploit, always

    I am looking for a metodo.que can stay connected without me having to write,
    msf >db_driver mysql[*] Using database driver mysql
    msf > db_connect root:toor@127.0.0.1/msf3
    msf >


    I hope I have explained
    excuse the inconvenience

  6. #6
    Good friend of the forums zimmaro's Avatar
    Join Date
    Mar 2010
    Location
    milano
    Posts
    407

    Default Re: only_sslstrip_to_have_credentials.avi

    hi, mudexhack.....(I think we should move the "theme" in the appropriate section)however:
    in MY bt5r1 update & upgrade today.not needed more to write the string db_connect .......
    -my MYSQL automatic start-up-every reboot (or press the button / backtrack / service if you dont want to write :service mysql start)
    -root@bt:~# msfconsole

    # cowsay++
    ____________
    < metasploit >
    ------------
    \ ,__,
    \ (oo)____
    (__) )\
    ||--|| *


    =[ metasploit v4.0.1-dev [core:4.0 api:1.0]
    + -- --=[ 737 exploits - 378 auxiliary - 85 post
    + -- --=[ 228 payloads - 27 encoders - 8 nops
    =[ svn r13820 updated today (2011.10.06)

    msf > db_driver mysql[*] Using database driver mysql
    msf > hosts

    Hosts
    =====

    address mac name os_name os_flavor os_sp purpose info comments
    ------- --- ---- ------- --------- ----- ------- ---- --------
    192.168.1.1 00:25:53:45:AF:E1 alicegate.homenet.telecomitalia.it
    192.168.1.253 00:0C:6E:B0:19:30 ---.homenet.telecomitalia.it

    msf > db_autopwn -p -q -e -R great 192.168.1.253 (IF YOU WANT TO USE AUTOPWN) or [*] (1/214 [0 sessions]): Launching exploit/bsdi/softcart/mercantec_softcart against 192.168.1.1:80...[*] (2/214 [0 sessions]): Launching exploit/linux/http/ddwrt_cgibin_exec against 192.168.1.1:80...[*] (3/214 [0 sessions]): Launch..........



    also the postgresql database is now already "" preloaded "" to the same method!
    someone from the forum would be able to create a "" script "" which come up to here!
    I am not able (I struggle to remember my name and my age ). I do not know if it's worth it!
    bye!

  7. #7
    Just burned his ISO
    Join Date
    Aug 2011
    Posts
    6

    Default Re: only_sslstrip_to_have_credentials.avi

    OK
    thanks for the help
    I'm really grateful...
    I will be careful not to post more in the wrong places
    rsrsrs

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •