Hello to all BackTrack community.
I have a problem, I created an environment that i expect to attack, im using 4 computers, one with BackTrack the attacker and the others are using Windows 7, Windows XP and Linux CentOS.
What i want to do is get full access to those computers. Well all computers are full patched, i mean no ms08... exploits will work. I know i can exploit the XP machine that way but i want to perform a advanced attack. What i tought that would work was using the "java_rhino" exploit.
1) I spoofed the ARP table of all computers, all the traffic going on, pass through BT machine, i used:
#echo 1 > /proc/sys/net/ipv4/ip_forwarding
#arpspoof -i eth0 -t (victim ip) (router ip)
2) With armitage I found all the computers i want to get access. I had to disable the firewall on Windows Machines since i don't know how to get through the firewall with ICMP packets (if anyone wants to help me with that too, i would be gratefull)
3) I started the "java_rhino" exploit. The victims need to get to the "website" http://192.168.1.100:53/" so i can get the attack done.
4) I created a list of websites that are common that people to visit, since i dont want to go direct to http://192.168.1.100:53/ input on browser and i want to redirect those websites to http://192.168.1.100:53/.
#echo www.google.com > websites.txt ; echo www.facebook.com >> websites.txt ; echo www.youtube.com >> websites.txt
5) I read about hijacking the browser session on a Book about backtrack, written by Vivek Ramachandran, he used on an exaple:
#dnsspoof -i mitm-bridge
mitm-bridge is a bridge that he created comming from a honeypot
#dnsspoof -i ath0 websites.txt
6) Every time the user connects to www.google.com it gets to a webpage with the text "It works" because he started an apache server.
I don't have apache started but i have the "java_rhino" working as a server.
The problem is that i can't get access to the machines, only if i write http://192.168.1.100:53/, but that takes the fun part out of the attack.
I garantee that i'm performing this in my own network with my own computers. I hope that anyone could help me, thank you very much for reading the post.