
Thread: Failing to exploit some machines


    Hello to all BackTrack community.

    I have a problem. I created an environment that I expect to attack. I'm using 4 computers: one with BackTrack, the attacker, and the others are using Windows 7, Windows XP and Linux CentOS.

    What I want to do is get full access to those computers. Well, all computers are fully patched, I mean no ms08... exploits will work. I know I can exploit the XP machine that way but I want to perform an advanced attack. What I thought would work was using the "java_rhino" exploit.

    1) I spoofed the ARP table of all computers, so all the traffic passes through the BT machine. I used:

    #echo 1 > /proc/sys/net/ipv4/ip_forwarding
    #arpspoof -i eth0 -t (victim ip) (router ip)

    2) With Armitage I found all the computers I want to get access to. I had to disable the firewall on the Windows machines since I don't know how to get through the firewall with ICMP packets (if anyone wants to help me with that too, I would be grateful).

    3) I started the "java_rhino" exploit. The victims need to get to the "website" http://192.168.1.100:53/ so I can get the attack done.

    4) I created a list of common websites that people visit, since I don't want to enter http://192.168.1.100:53/ directly in the browser and I want to redirect those websites to http://192.168.1.100:53/.

    #echo www.google.com > websites.txt ; echo www.facebook.com >> websites.txt ; echo www.youtube.com >> websites.txt

    5) I read about hijacking the browser session in a book about BackTrack written by Vivek Ramachandran. In an example he used:

    #dnsspoof -i mitm-bridge

    mitm-bridge is a bridge that he created coming from a honeypot.

    I used:

    #dnsspoof -i ath0 websites.txt

    6) Every time the user connects to www.google.com it gets to a webpage with the text "It works" because he started an Apache server.

    I don't have Apache started but I have the "java_rhino" working as a server.



    The problem is that I can't get access to the machines, only if I write http://192.168.1.100:53/, but that takes the fun part out of the attack.

    I guarantee that I'm performing this on my own network with my own computers. I hope that someone can help me. Thank you very much for reading the post.

    Strakar
    Last edited by strakar; 12-13-2011 at 03:08 AM.
