Page 1 of 2 12 LastLast
Results 1 to 10 of 37

Thread: autopwn w/ fast-track.py

Hybrid View

  1. #1
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default autopwn w/ fast-track.py

    Just fooling around with fastrack by rel1k. Thought I'd post a video of it i made. Just sort of a proof of concept that it works.


    autopwn w/ fast-track.py


    *fullscreen mode is in the bottom right corner

  2. #2
    Member s1lang's Avatar
    Join Date
    Sep 2007
    Posts
    189

    Default

    Another great video mate

    Cheers

  3. #3
    Junior Member
    Join Date
    Nov 2007
    Posts
    79

    Default

    Yep another good vid tut.
    Nice tune also.

    Just one question one you have the remote shell can you call upon it at any time or once you close fastrack does access to that machine also close.

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Once fast track is closed I personally don't know how to save the session so what I do is scroll back through the logs and note which exploits worked. Then I can open a metasploit console and use the exploit I know works with more exotic payloads such as the meterpreter .dll.

    which is my next video I'm working on today. It will be a few parts. I will use windows to build a vnc backdoor and use metasploit to up load and execute it.

    Some one else may know how to save the sessions in autopwn but I do not.

  5. #5
    Junior Member
    Join Date
    Nov 2007
    Posts
    79

    Default

    Thanks for the quick reply pureh@te.

    Looking through the logs is a good enough answer for me.
    thanks

  6. #6
    Senior Member shamanvirtuel's Avatar
    Join Date
    Mar 2010
    Location
    Somewhere in the "Ex" human right country
    Posts
    2,988

    Default

    in ezpawn i will launch autopawn via directly a msfconsole so you won't have pb to save your session after it ends........
    Watch your back, your packetz will belong to me soon... xD

    BackTrack :
    Giving Machine Guns to Monkeys since 2006

  7. #7
    Junior Member azagorath's Avatar
    Join Date
    Mar 2008
    Posts
    44

    Default

    nice video , i have a problem with autopwn , it freeze in the middle of the process specially when its try to crack apache server or IIS overflow exploits

  8. #8
    Member
    Join Date
    Feb 2006
    Posts
    167

    Default

    Quote Originally Posted by azagorath View Post
    nice video , i have a problem with autopwn , it freeze in the middle of the process specially when its try to crack apache server or IIS overflow exploits

    It's not crashing, theres just carraige return after that specific exploit, just hit enter and you should see the msf> portion. That means it has completed.

  9. #9
    Just burned his ISO
    Join Date
    Mar 2008
    Posts
    14

    Default fast-track working on patched xp?

    Hi,

    I've read a few posts/threads here & proved myself right, this cannot be done on a fully patched xp box right? I've experienced most the 'issues' other members are having, it' will either hang, or just scan my IP address & then give me
    msf>
    I type sessions -l & get nothing, so my question is, will there be a way around this in a later version of BT3?

    My 2nd question is, I've also tried using the meterpreter attack, I watched a few different videos by members, think the 1st one I saw was by pureh@te, good video & looks like a very powerful tool, but again I had no success using this, is it because I am trying to attack my fully patched xp box? Obviously its patched because I want to see how good the tools are in BT, I dont want to have to reinstall xp with no SP just to prove it works, surely there's another way around it?

    I hear you asking, what commands am I typing & where am I going wrong, well I'll show you

    nmap -sV 192.168.1.10

    returns back 139,445 open, new shell I open fasttrack, then option 2, then 3, then type my target IP address, this returns back saying nmap done in 20 seconds, & left with
    msf >

    So I take it my target is safe & cannot be compromised?
    Please say NO & tell me there is away around this

    Many thanks

  10. #10
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    A fully patched XP box is a little harder to compromise however not impossible. To be honest I am one of those people with a pesky set of morals and values that deter me from posting step by step instructions on working exploits. The point of working on older box's is so when you do have a need or a chance to use meterpreter in a pen-test situation you will know WTF you are doing.

    For example: Certain airlines use their own codes and instructions for their computer networks that the handle ticketing and other tasks . Now suppose you want to "hack" them and get a couple of free tickets to Hawaii. So you gain entry to the system, and you get in there and you cant even change directories because you put the cart before the horse and forgot to learn the system commands.

    In any case most of the time systems are compromised by running a vulnerable service that has not been patched. Microsoft has enough money to patch most vulnerabilities before a public exploit is released. (not always though).

    Exploitation is hard work and the wetdream of having a Point-and-Click, No brain needed exploitation platform has only manifested it self in one software so far and that is Core-Impact. For 3,000 dollars a month you can own a licenses to it and it will do all the work for you.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •