Metasploit

Msfconsole Detecting Kippo SSH Honeypots – Kali Linux

thelinuxlab Kali Linux, Metasploit, Msfconsole , , , ,

Msfconsole Detecting Kippo SSH Honeypots – Kali Linux

Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.

Kippo is inspired, but not based on Kojoney.

Features:
Some interesting features:

Fake filesystem with the ability to add/remove files. A full fake filesystem resembling a Debian 5.0 installation is included
Possibility of adding fake file contents so the attacker can ‘cat’ files such as /etc/passwd. Only minimal file contents are included
Session logs stored in an UML Compatible format for easy replay with original timings
Just like Kojoney, Kippo saves files downloaded with wget for later inspection
Trickery; ssh pretends to connect somewhere, exit doesn’t really exit, etc Continue reading

Mitm Attack MITMf Framework for Man In The Middle

thelinuxlab Kali Linux, Metasploit, MITM, Video , , , , ,

The best MITM tool on Kali Linux MITMF
Injecting payload into softwares via HTTP
Mitm Attack MITMf Framework for Man In The Middle

MITMf

Framework for Man-In-The-Middle attacks
Quick tutorials, examples and developer updates at: https://byt3bl33d3r.github.io
This tool is based on sergio-proxy and is an attempt to revive and update the project.

Features

The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, it also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass. Continue reading

Exploiting Windows 10 MSFvenom & Msfconsole Backdoor Shell

thelinuxlab Backdoor, Kali Linux, Metasploit, Msfconsole, Video , , ,

MsfVenom a Metasploit standalone payload generator.
msfvenom is a combination of Msfpayload and Msfencode, putting both of these tools into a single Framework instance.

It is necessary that the PC victim executes the generated file.
Tested with AVG Free and Microsoft Security Essential. No threat found.
How to run the code to the PC victim? Use the Social Engineering !!!

Vulnerable systems Windows XP / Vista / 7/ 8 / 8.1 / 10 and Server Versions Continue reading