Basic Security Testing with Kali Linux by Dieterle Daniel

Author:Dieterle, Daniel [Dieterle, Daniel]
Language: eng
Format: epub, azw3, mobi, pdf
Published: 2014-02-19T00:00:00+00:00

Use “sessions -i” and the session number to connect to any of the sessions.

Once connected, you can use any of the built in Meterpreter commands, or use Linux commands to browse the remote PC, or simply running “shell” will give you a remote windows command shell:

That’s it, one bad choice on the victim’s side and as you can see, we have a complete remote session.

Social Engineering Toolkit: PowerShell Attack Vector

The Java based PowerShell attack is great, but what if the target is not running Java, or we could not trick them into visiting our SET page? Another Social Engineering attempt is to trick a user into running a file that we send them.

So, let’s take a look at creating a PowerShell shellcode file and sending it to a target. If we can trick the target into running the shellcode, or run it ourselves, we get a remote connection to the box.

In this section we will use SET’s PowerShell Attack Vector to create a PowerShell script that when run by a target system will connect back and create a remote shell to our Kali system. We will also set up SET to look for these incoming connections.

Fire up SET and pick option number 1, “Social-Engineering Attacks”.

Select option 10,“Powershell Attack Vector”.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.