Skip to main content

Backtrack 5 : Using Armitage For Hacking (Stealing Files,Downloading Keystrokes,Controlling Webcam from remote Locations)

Backtrack 5 : Using Armitage For Hacking.
Note: This guide is only for knowledge purpose

Stealing Files,Downloading Keystrokes,Controlling Webcam from remote Locations,ETC by Armitage.
Armitage is an GUI Platform for Metaspoilt and in technical terms,it is a script-able red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.It saves time and is very powerful in commencing Metaspoilt attacks.
What Do We Need ? Latest Metasploit framework.

Oracle Java 1.7
Preferably Internet on LAN

Step 1 -Open armitage on Backtrack 5:
By Going To : Backtrack > Exploitation Tools > Network Exploitation Tools > Metasploit Framework > armitage.
Step 2 : Connect Armitage:
Click on the connect Button .
Step 3 : Connecting Armitage :
Now use the patience part,and stretch your legs,it takes some time to connect.
Step 4 :  Armitage Window :
It has 3 Panels -
Target Panel 
Module Panel
Tabs Panel 
Step 5 : Finding the alive host on the Network :
Now you will search for Host on you network,By Going to Hosts -> Nmap Scan -> Quick Scan (OS detect).This will perform a quick scan to detect the host and their operating systems and vulnerabilities.
Step 6 : Inputting The Scan Range :
Now You have to insert scan range,that is you LAN ip range,Most preferably it would start with 192.168.0.- or 10.0.0.-.NOTE : the ( - ) resembles the computers on LAN.
Start the Scan.
Step 7 : Scan Complete:
After the scan has completed,if their are any other PC's on your network on,then they would be visible in the Target Pane (the Big Black box on the upper right).

Step 8 : Finding Attacks :
Click on Attacks tab in your toolbar and select Find Attacks.Start the scan and wait till it completes.
Step 9 : Set the vulnerability :
Right Click on the Host icon (windows pc) -> Select attacks -> smb -> ms08_067_netapi  vulnerability . 
Now a window should pop,Click on the check-box that says "Use  a reverse connection" .
Start Attack
Step 10 : The Final Result :
If the Host Icon Turn Red, it Means it works
So The Hacking Starts

Hack 1 - Opening Command Prompt :

Right click on the host -> Meterpreter1 ->Interact -> Command Shell 
Now You are In Their Command Prompt,You can now change,rename,delete,create files on their pc now.Search Google for some powerful windows commands.

Hack 2 - Start an KEYLOGGER :

Click on the Meterpreter2 -> Explore -> Log Keystrokes.
Now you will receive what the victim is typing.

Hack 3 - Take An Screen Shot :

Click on the Meterpreter2 -> Explore ->Screenshot.
Now you can see what is on their Facebook wall or Google mail accounts.

Hack 4 -Browse Files :

Right click -> Meterpreter2 -> Explore > Browse Files .
Now you can interact with all the files on victim PC via a GUI.

Hack 5 - Get in His Webcam.

Right click -> Meterpreter2 ->Explore -> Webcam shot
This is just for educational purpose 

Comments

Popular posts from this blog

IBM iAccess for windows 7.1 "a system restart is pending" error

 IBM iAccess for windows 7.1 "a system restart is pending" error HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager 1. Look for the following key:  PendingFileRenameOperations or   FileRenameOperations ** 2. Right-click ->  Rename . 3. Add a prefix ### and press Enter. 4. Close regedit and attempt the installation.  Note:  Make sure to go back and remove the ### prefix. The installation should continue.

Webex always using Microphone

 Webex always using Microphone 1). Navigate to Webex settings 2). Devices - Use Ultrasound 3). Remove ticket "Use Ultrasound"

Your organization manages updates on this PC

 Your organization manages updates on this PC We can disable updates from SCCM/WSUS for time being by using below command $currentWU = Get-ItemProperty -Path “HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU” -Name “UseWUServer” | select -ExpandProperty UseWUServer Set-ItemProperty -Path “HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU” -Name “UseWUServer” -Value 0 Restart-Service wuauserv Once required updates are installed on Laptop switch back to previous settings Set-ItemProperty -Path “HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU” -Name “UseWUServer” -Value $currentWU Restart-Service wuauserv