Keylogging with Unicode support
You will not realize the difficulty of logging keystrokes if the target language is not English, unless you try to do it. Details are here: http://eldeeb.net/wrdprs/?page_id=229
25 – 01 Revolution Edition What’s new in this version? msfpayload functionality: It can create exe files that connect upon execution using pre-configured settings “exactly as msfpayload generated exe”; however, generated exe files still accept command line arguments, and settings can be reset or changed, all of that supported from within that single exe … “meterpreter-on-steroids”. (thanks … [Read more…]
What’s new: – Anwar Mohamed “@anwarelmakrahy” added support for metsvc_bind_tcp & bind_tcp… `git pull` if you’re interested in the source code, or just get the binaries from here. … Thanks, Anwar! – Now ultimet works as the following meterpreter payloads: reverse_tcp, bind_tcp, reverse_http, reverse_https, bind_metsvc <- when stage included, reverse_metsvc <- when stage included – Code got just … [Read more…]
For an intro and information about what this is all about, please go here. To download ultimet, click here. Source code – github: https://github.com/SherifEldeeb/inmet Q: What are the available options? –help Q: I don’t like running binaries from people I do not trust, how to compile from source? 1- Clone the source from https://github.com/SherifEldeeb/inmet 2- Open solution in VS … [Read more…]
EDIT: As of framework commit 912bfd5, the features described in this post are now part of the framework itself… learning just a little more about how MSF works… IMHO, meterpreter/reverse_http is one of the best payloads available in the metasploit arsenal, this post is about modifying the handler part, so it will look less suspicious, and … [Read more…]
I am all into sqlmap, however, there are situations where sqlmap just fails for one reason or another, and Havij gets the job done. One major problem with Havij is that it doesn’t work with HTTPS sites “at least for me”, and I came across a particular site with a confirmed SQLi that when I … [Read more…]
EDIT 2012-07-01: Please read HD’s comment below; as of 1st of July 2012, you can set “MeterpreterUserAgent” and “MeterpreterServerName” to do that from the framework itself. The meterpreter/reverse_http(s) payload’s network communications leave traces of its existence in many places, “mainly HTTP proxy logs”. One of the most obvious and easiest-to-detect signs is the “User-Agent:” header from the … [Read more…]
This post shows how to create a passive ethernet tap using only an ethernet cable and four RJ-45; it is not about creating a good passive ethernet tap, or even explaining what it is, which has already been explained better by others. The result will be ugly, not optimal… but hey, it works! Passive … [Read more…]
Even though this post focuses on finding Flame malware files in a Windows domain environment, the concepts are valid for looking for “any” particular file on your domain machines. If you do not know what Flame is, look here. A list of Flame Command and Control servers (DNS & IPs) can be found here. In … [Read more…]