Just fooling around with Fast-Track by rel1k. Thought I'd post a video of it I made. Just sort of a proof of concept that it works.
autopwn w/ fast-track.py
*fullscreen mode is in the bottom right corner
Yep another good vid tut.
Nice tune also.
Just one question: once you have the remote shell, can you call upon it at any time, or once you close Fast-Track does access to that machine also close?
Once Fast-Track is closed I personally don't know how to save the session, so what I do is scroll back through the logs and note which exploits worked. Then I can open a Metasploit console and use the exploit I know works with more exotic payloads such as the meterpreter .dll.
Which is my next video I'm working on today. It will be a few parts. I will use Windows to build a VNC backdoor and use Metasploit to upload and execute it.
Someone else may know how to save the sessions in autopwn but I do not.
Thanks for the quick reply pureh@te.
Looking through the logs is a good enough answer for me.
In ezpawn I will launch autopwn directly via an msfconsole, so you won't have a problem saving your session after it ends.
Watch your back, your packetz will belong to me soon... xD
BackTrack : Giving Machine Guns to Monkeys since 2006
Nice video. I have a problem with autopwn: it freezes in the middle of the process, especially when it tries to crack Apache server or IIS overflow exploits.
I've read a few posts/threads here & proved myself right, this cannot be done on a fully patched XP box, right? I've experienced most of the 'issues' other members are having: it will either hang, or just scan my IP address & then give me
I type sessions -l & get nothing, so my question is, will there be a way around this in a later version of BT3?
My 2nd question is, I've also tried using the meterpreter attack. I watched a few different videos by members, think the 1st one I saw was by pureh@te, good video & looks like a very powerful tool, but again I had no success using this. Is it because I am trying to attack my fully patched XP box? Obviously it's patched because I want to see how good the tools are in BT. I don't want to have to reinstall XP with no SP just to prove it works, surely there's another way around it?
I hear you asking, what commands am I typing & where am I going wrong? Well, I'll show you:
nmap -sV 192.168.1.10
returns back 139, 445 open. In a new shell I open fasttrack, then option 2, then 3, then type my target IP address. This returns back saying nmap done in 20 seconds, & left with
So I take it my target is safe & cannot be compromised?
Please say NO & tell me there is a way around this
A fully patched XP box is a little harder to compromise, however not impossible. To be honest I am one of those people with a pesky set of morals and values that deter me from posting step by step instructions on working exploits. The point of working on older boxes is so when you do have a need or a chance to use meterpreter in a pen-test situation you will know WTF you are doing.
For example: Certain airlines use their own codes and instructions for their computer networks that handle ticketing and other tasks. Now suppose you want to "hack" them and get a couple of free tickets to Hawaii. So you gain entry to the system, and you get in there and you can't even change directories because you put the cart before the horse and forgot to learn the system commands.
In any case most of the time systems are compromised by running a vulnerable service that has not been patched. Microsoft has enough money to patch most vulnerabilities before a public exploit is released. (not always though).
Exploitation is hard work, and the wetdream of having a Point-and-Click, No brain needed exploitation platform has only manifested itself in one software so far and that is Core-Impact. For 3,000 dollars a month you can own a license to it and it will do all the work for you.