It's been a long time since I updated anything; finally, a free day in my life. I've put together a hacking tutorial for beginners to learn and understand the Metasploit Framework: what it is, why it exists and how to use it.
The scenario: using a Kali Linux system with Metasploit, we create a file, send it to a Windows machine and get the user to execute it. When the user runs the file, a connection opens back to Kali Linux, and from there we can control the victim computer, steal from it and do pretty much anything to it.
In this scenario, the file we create is a kind of "Trojan virus". We send the trojan to the victim machine, and the challenge is to deliver the file and get it past the default security settings on the victim computer.
Firstly, prepare your environment. Things you need:
1. Virtual machines [ one Kali Linux VM and one Windows 8 (victim) VM ]
2. Knowledge [ TCP, IP, and some basic command-line knowledge in Windows and Linux ]
The topics:
A. What is Metasploit Framework & How to Use it
B. What is Payload and How to Create it
C. How to Transfer or get the payload delivered to Victim
D. Exploit! and the Fun Begins !!
E. Things you can do once Exploit is Successful
A. What is Metasploit Framework & How to Use it?
Metasploit is a framework for performing penetration testing against a computer. The framework contains modules for the latest known vulnerabilities in software and hardware available on the market, from Windows and Unix to Cisco routers, etc. Using the framework, one can exploit the known vulnerabilities of a system. Obviously, the intended use of this framework is to learn about and patch known holes in the systems.
How to use Metasploit? The framework can be downloaded and configured in any Linux / Unix environment, but to make life easier it is already included in Kali Linux; you just need to start it to use it.
Once msfconsole is up and running, we need to create the payload!
B. What is Payload and How to Create it ?
A payload is the term used in the Metasploit Framework for a specially crafted file containing malicious code that is able to open a backdoor connection, commonly a reverse connection back to the hacker's computer. Most antivirus products would detect this, but as the technology evolves, only the best antivirus and anti-malware products are able to read the file's pattern and detect it as a virus or malicious file that would harm the computer.
Creating a payload in the Metasploit Framework is very easy; there are many payloads available in the framework. For simplicity, I've used the easiest payload. Let's see how to create it.
Firstly, you need to run these commands. These commands make the framework load the particular payload.
Once the payload is loaded into the framework, we need to plumb in some information about our Kali Linux machine, and then we create the payload file.
C. How to Transfer or get the payload delivered to Victim?
Once the payload file is created (I've named it "runme.exe"), the next step is to set up a web server, put the payload file on it, and send a trick/spam email to the victim advising him to download and run the file.
[ For simplicity, I just created a simple FAKE website and a simple FAKE email to do this. You can be creative and create a super FAKE page and a SUPER fake EMAIL to convince the victim. Remember, the success of this hack is all about getting the victim to download the file and execute it. ]
You can follow the steps below for a simple POC web server and a simple fake email with links. You just need to copy the payload file called "runme.exe" to the web directory, create an index.html file with appropriate HTML syntax and start the web server.
Once the web server is started, go ahead and browse the site via its IP address to verify that the payload file is downloadable. If it's good, go ahead and create an email to the victim with links pointing to the payload file and send it.
After the email is sent, the next step is to create a handler to handle the incoming connection from our payload file.
D. Exploit! and the Fun Begins !!
Exploit! Well, depending on the payload you use, you can either hit the victim computer directly or create a handler exploit to handle the incoming connection from the payload execution. In our case we are not hitting directly, because hitting directly depends entirely on what software is running on the victim computer and how many vulnerabilities exist in that software. What we are about to do next is create a handler exploit: the framework creates a server process and starts listening for a connection from the payload file. The handler's job is to handle the incoming connection upon successful execution of the payload file on the victim computer. Once the victim executes the payload file, the handler sends a stage file to the victim computer, and this is what we call the "Exploit". The following commands create the handler and start the server service.
Done! You may congratulate yourself! The payload is created and sent to the victim, and the handler exploit is running on our Kali Linux; next, we WAIT for the victim to execute the file.
The last snap is where the victim downloads the file and executes it; on a poorly maintained Windows system, the file can be downloaded without any problem.
When the victim executes the file, nothing visible happens; the victim would NOT sense anything, and it does not disrupt anything the victim is doing. But in the background, what really happens is that the payload file (runme.exe) has created a connection back to our Kali Linux system, and our handler exploit (server process) exploits the victim's computer by sending a stage file to it. As you can see, a hole has been created between Kali Linux (attacker) and Windows 8 (victim); the following output is expected on the Kali Linux system:
And we Own3d the Windows 8 (victim). During the sending of the stage file, the victim could not sense anything; his/her computer behaves normally, and since we crafted the payload using the "Shikata Ga Nai" encoder, even the built-in anti-malware in Windows 8 could not sense it. The next step is what we can do to the victim. There are many commands that can be executed and many things that can be done; I've highlighted 2 fun things you can do:
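As an added defensive illustration (not part of the original post): the silent connection back from runme.exe described above is exactly what a host-based detection should look for. The script below scans constructed, Sysmon-style network connection records (the `key=value|...` line format and the events themselves are my assumption, not real exported logs) and flags outbound connections started by executables run from a user's Downloads or Temp folder, rating a non-web destination port as more suspicious.

```python
"""Flag outbound connections started by executables launched from a
user-writable folder (Downloads, Temp), the behaviour of a dropped
'runme.exe' that calls back to an attacker's handler."""
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample events (not a real Sysmon export). Assumed layout:
# 'key=value' fields separated by '|', mirroring Sysmon NetworkConnect fields.
SAMPLE_EVENTS = [
    "Image=C:\\Program Files\\Mozilla Firefox\\firefox.exe|Initiated=true|DestinationIp=93.184.216.34|DestinationPort=443",
    "Image=C:\\Users\\victim\\Downloads\\runme.exe|Initiated=true|DestinationIp=192.168.56.101|DestinationPort=4444",
    "Image=C:\\Windows\\System32\\svchost.exe|Initiated=true|DestinationIp=40.126.31.1|DestinationPort=443",
    "Image=C:\\Users\\victim\\Downloads\\setup.exe|Initiated=false|DestinationIp=10.0.0.5|DestinationPort=445",
    "Image=C:\\Users\\victim\\Downloads\\installer.exe|Initiated=true|DestinationIp=203.0.113.7|DestinationPort=80",
]

# Paths a freshly downloaded or dropped binary typically runs from.
USER_WRITABLE = re.compile(
    r"^[A-Za-z]:\\Users\\[^\\]+\\(Downloads|AppData\\Local\\Temp)\\", re.IGNORECASE
)
COMMON_WEB_PORTS = {80, 443}


@dataclass
class Alert:
    image: str
    dest_ip: str
    dest_port: int
    severity: str


def parse_event(line: str) -> dict:
    """Split one 'key=value|key=value' record into a dict."""
    return dict(field.split("=", 1) for field in line.split("|"))


def check_event(line: str) -> Optional[Alert]:
    """Return an Alert when a user-writable-path executable initiates a connection."""
    ev = parse_event(line)
    if ev.get("Initiated", "").lower() != "true":
        return None  # inbound connection; not the call-back pattern we want
    image = ev.get("Image", "")
    if not USER_WRITABLE.match(image):
        return None  # program installed in a normal location
    port = int(ev.get("DestinationPort", "0"))
    severity = "medium" if port in COMMON_WEB_PORTS else "high"
    return Alert(image, ev.get("DestinationIp", ""), port, severity)


def scan(lines: List[str]) -> List[Alert]:
    """Run the check over every record and keep only the alerts."""
    return [a for a in (check_event(l) for l in lines) if a is not None]
```

Running `scan(SAMPLE_EVENTS)` yields two alerts: runme.exe (high, non-web port) and installer.exe (medium, port 80), while the browser, svchost.exe and the inbound setup.exe record are ignored.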
E. Things you can do once Exploit is Successful
Let's say the victim is browsing and logging into some website, or practically doing anything on his/her computer; we can snapshot the screen and save it on the Kali Linux system, as follows:
That's a cool thing to do! Don't you think so? [ Evil Laugh ]
Apart from the screenshot, we could also steal the victim's data! Let's say the victim has some data/files on his/her computer; because we have a session connected via our payload, we have the ability to browse and download the files.
And that's the Metasploit Framework in action, simple and ready to use. As you can see, the entire demo in this blog is for learning and POC only; one could misuse the information for illegal activity. One can do this very creatively on any open network: it's not necessary to send the links via email; one can perform network poisoning to redirect the victim to download the file, create a webpage that auto-downloads the payload file, or perform a buffer overflow using known vulnerabilities in the victim computer... anything is possible. So, to safeguard your system, follow these steps:
1. NEVER download files or click any unknown links you find on the internet, in email or in files.
2. Encrypt your DATA at all times.
3. Update / install patches for your system.
4. Have protective software such as antivirus, a firewall and anti-malware.
5. Be vigilant and attend training for more information on how to be safe in cyberspace.
By following the steps highlighted above, you can rest assured your computing will be safe....
Thank you very much for reading and supporting my blog. Do let me know if you need more information; if I'm free, I'm willing to help, or buy me a beer, that would really encourage me to really HELP you.... hehehe.... So long people, till we meet again in another blog post. Stay Safe, Stay Vigilant!
*All this DEMO was done in a controlled environment; no DOGS or CATS were harmed during the production of this DEMO.
*All EMAIL, COMPUTER and WINDOWS accounts used in the DEMO were used with 100% permission from the owner[s]. ( That is ME )
*Use all the information at your own risk; www.steven.com.my does not condone this demo being used in a real public environment or for any illegal activity.