By setting up a fake web site, we social engineer our target to run our exploit. The end result gives us command line access to our target's PC.
Watch video on-line:
Download video: http://download.g0tmi1k.com/videos_archive/MITM_(Ettercap).mp4
- Ettercap to do the MITM Attack
- Metasploit for the exploit
- Secure BackDoor (SBD) for the backdoor
- Apache for the web server
- A web server
- SBD (optional)
All of this is on backtrack 4.
Attackers IP: 192.168.1.104
Targets IP: 192.168.1.101
Gateway IP: 192.168.1.1
Home Page: http://ettercap.sourceforge.net/
Download Link: http://prdownloads.sourceforge.net/ettercap/ettercap-NG-0.7.3.tar.gz?download
Home Page: http://www.metasploit.com/
Home Page: http://tigerteam.se/ (source: http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=sbd)
Download Link: http://packetstormsecurity.org/UNIX/netcat/sbd-1.36.tar.gz
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
- Sorry for the poor video editing on this one - it is cut from a final video called "g0tmi1k's home network" which is still incomplete.
Song: Mr. Scruff - Is He Ready & Mr. Scruff - Get a Move On
Video length: 06:57
Capture length: 7:40