Shellter + Metasploit + NetRipper: Bypass Antivirus and Sniff HTTPS password – Penetration Testing in Linux

NetRipper – this is a fairly recent tool that is positioned for the post-operating system based on Windows and uses a number of non-standard approach to extract sensitive data. It uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption. This tool was first demonstrated at the Defcon 23 in Vegas.

Installing NetRipper in Kali Linux

root@ddos:~/Desktop# git clone http://ift.tt/1P0utYw

root@ddos:~/Desktop# cd NetRipper/Metasploit/

root@ddos:~/Desktop/NetRipper/Metasploit# cp netripper.rb /usr/share/metasploit-framework/modules/post/windows/gather/netripper.rb

root@ddos:~/Desktop/NetRipper/Metasploit# mkdir /usr/share/metasploit-framework/modules/post/windows/gather/netripper

root@ddos:~/Desktop/NetRipper/Metasploit# g++ -Wall netripper.cpp -o netripper

root@ddos:~/Desktop/NetRipper/Metasploit# cp netripper /usr/share/metasploit-framework/modules/post/windows/gather/netripper/netripper

root@ddos:~/Desktop/NetRipper/Metasploit# cd ../Release/

root@ddos:~/Desktop/NetRipper/Release# cp DLL.dll /usr/share/metasploit-framework/modules/post/windows/gather/netripper/DLL.dll

Generating FUD payload with Shellter

Download and run shellter

Choose Operation Mode and Target [executable file to embed backdoor], on this tutorial, i am going to use plink.exe file

Configure your payload, setting LHOST, RPORT parameter

Start Metasploit listener

Send backdoored-file to your victim and wait until it starts

You /post/windows/gather/netripper module, and setting the parametter. I am going to inject firefox.exe process. You can also inject Google Chrome process.

And now all the data from these processes are beginning to be saved in the temporary directory of the user.

Now, you can get all victim traffic (include HTTPS traffic)

You can view my video demo

The post Shellter + Metasploit + NetRipper: Bypass Antivirus and Sniff HTTPS password appeared first on Penetration Testing in Linux. http://ift.tt/2oULTOy http://ift.tt/2aM8QhC

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s