
Thread: java_signed_applet

  1. #11
    Junior Member (Join Date: Aug 2009, Posts: 27)

    Re: java_signed_applet

    Quote Originally Posted by LHYX1 View Post
    You can run a website on any port. Then you just enter http://ip:port in your browser. That's all.
    And yes, you forward 2 ports: one for the payload and one for the server.

    So for example 8080 for the server and 443 for the payload.
    Thanks buddy for enlightening me, I'm gonna try it out and see what happens.

  2. #12
    Junior Member (Join Date: Aug 2009, Posts: 27)

    Re: java_signed_applet

    PAYLOAD detected ... is there a way to encode this payload!? shikata_ga_nai is detected too ... and how do I encode this payload before starting the APPLET server?

  3. #13
    zimmaro, Good friend of the forums (Join Date: Mar 2010, Location: milano, Posts: 407)

    Re: java_signed_applet

    Quote Originally Posted by rebrov View Post
    PAYLOAD detected ... is there a way to encode this payload!? shikata_ga_nai is detected too ... and how do I encode this payload before starting the APPLET server?
    Hi,
    http://www.backtrack-linux.org/forum...ad.php?t=48522

  4. #14
    Junior Member (Join Date: Aug 2009, Posts: 27)

    Re: java_signed_applet

    First of all, when I finished starting the script it gives me:

    Handler failed to bind to xx.xx.xx.xx:8080 <-=--- WAN IP
    [*] Started reverse handler on 0.0.0.0:8080
    [*] Starting the payload handler...
    [*] Sending stage (752128 bytes) to xx.xx.xx.xx

    I tried it with the website clone, and when I open my IP:8080 it gives an encrypted page, not the site I've cloned, and it gets stuck at the "sending stage" part.

    Any idea??

  5. #15
    LHYX1, Senior Member (Join Date: Sep 2010, Location: Belgium, Posts: 127)

    Re: java_signed_applet

    If you use a payload that's encrypted with my script, it takes about 8 sec before you get a shell.
    But in my experience the java applet attack method doesn't always succeed. What browser are you using?
    I got it to work in Firefox and IE but still no success in Chrome. I'm currently coding this attack myself so I can fully understand it. I'll post it when I'm done.
    For the cloning part, what exactly do you mean with an encrypted page? Normally the site cloner of SET works fine.

    Quote:
    Handler failed to bind to xx.xx.xx.xx:8080 <-=--- WAN IP
    [*] Started reverse handler on 0.0.0.0:8080
    And this is normal.
    Last edited by LHYX1; 03-26-2012 at 02:41 AM.
    (\ /)
    ( . .)
    c(")(")

    This is bunny.
    Copy and paste bunny into your signature to help him gain world domination.

  6. #16
    zimmaro, Good friend of the forums (Join Date: Mar 2010, Location: milano, Posts: 407)

    Re: java_signed_applet

    Hi lhyx1,
    it would make a nice video...... not like those of zimmaro!!!
    muaahahah!
    Thanks for your work.
    Bye

  7. #17
    Junior Member (Join Date: Aug 2009, Posts: 27)

    Re: java_signed_applet

    Quote Originally Posted by LHYX1 View Post
    If you use a payload that's encrypted with my script, it takes about 8 sec before you get a shell.
    But in my experience the java applet attack method doesn't always succeed. What browser are you using?
    I got it to work in Firefox and IE but still no success in Chrome. I'm currently coding this attack myself so I can fully understand it. I'll post it when I'm done.
    For the cloning part, what exactly do you mean with an encrypted page? Normally the site cloner of SET works fine.

    And this is normal.

    I'm using Firefox, that's first ... "encrypted" means the page loaded with a lot of words that look encrypted, not a single word readable ... and yes, you're right, I tried SET web cloning before and it was fine and worked with the Credential Harvester ... but this time it doesn't work. Can't you post a video as a tutorial on how to do it in detail??

  8. #18
    LHYX1, Senior Member (Join Date: Sep 2010, Location: Belgium, Posts: 127)

    Re: java_signed_applet

    Here's a tutorial I found with a quick Google search: http://vimeo.com/11185970
    My antivirus evasion script can start the java applet attack of SET too.
    You can use that if you want.
    (\ /)
    ( . .)
    c(")(")

    This is bunny.
    Copy and paste bunny into your signature to help him gain world domination.

  9. #19
    comaX, Good friend of the forums (Join Date: Feb 2010, Location: Paris, France, Posts: 338)

    Re: java_signed_applet

    Hi guys, I'm back! I'll try to do the chart this afternoon. I must warn you, if I can't do something decent (I never did a chart before and my Photoshop skills are not in this area), I won't bother posting it. I'll tell you I failed, though.
    If I'm successful, you'll have it this afternoon or tonight (GMT+1 here).

    Cheers!
    Edit: there you go! I must warn you it's been a while since I used this attack, so I might have got mixed up, but the basics should be there. It's also simplified, since it would have been a pain in the ass if I had to detail the sending stage phases etc. The main goal is to show that there are different parameters, which are which, and how to forward your ports. I hope this helps. I can provide the PSD file if someone wants to edit stuff (like the configuration).

    (right click on the image and open in a new tab for a larger view)
    [Attached images]
    Last edited by comaX; 03-27-2012 at 05:39 AM.
    Running both KDE and GNOME BT5 flawlessly. Thank you !
