Heeey guys! What’s up?
In the recent past, I have covered mostly remote hacking techniques. So I decided to step back and review some local hacking techniques… such as the Java applet combined with man-in-the-middle and DNS spoofing. Can’t go wrong, right? 🙂
Strategy Behind the Attack
Suppose you are assigned to test the security of a rogue network and its clients. You already have access to the network, so the next step is assessing the clients! Obviously you don’t want to cause too much noise on the network, as that would make you immediately noticeable and the attack would fail.
It’s clear that for this assessment, the best option is to redirect only the traffic for one popular website. The website of choice should be decided based on prior reconnaissance. Social networking websites are always a good choice, whether the target is corporate, educational, etc. No one is going to bother the IT folks about problems on their Twitter page, because then it’s clear they weren’t working, right? 😀
Once we get the target(s) to run our desired payload, we can go ahead and stop redirecting the traffic. For this example, I’m gonna be using the Social Engineering Toolkit’s AES-encrypted HTTP shell, simply because it’s fast, encrypted and lightweight… let’s go ahead and check out how this attack is done! But first, take a quick peek at the system and tools.
System and Tools
Operating system used
Attacker — parrotsec
Victim — Windows 7 x64
If you intend to use the custom shell as a backdoor, take a look at the payload folder in your installation of SET… there is some priceless information in the comments if you’re thinking about compiling your own and making it extra stealthy.
It is also a good idea to use a powerful wireless card — such as the Alfa AWUS036NH on the right — for the man-in-the-middle part of the attack. The card gives a wide range and quick response times as far as the packets go.
Check out the vid below in high quality!!