[ultimet v0.25.1] – msfpayload functions & social engineering friendly

25 – 01 Revolution Edition. What’s new in this version? msfpayload functionality: it can create exe files that connect back upon execution using pre-configured settings, “exactly as an msfpayload-generated exe” would; however, the generated exe files still accept command-line arguments, and the settings can be reset or changed, all of that supported from within that single exe … “meterpreter-on-steroids”. (thanks … [Read more…]

[ultimet_v0.2] – Added support for bind_tcp & bind_metsvc

What’s new: – Anwar Mohamed “@anwarelmakrahy” added support for metsvc_bind_tcp & bind_tcp… `git pull` if you’re interested in the source code, or just get the binaries from here. … Thanks, Anwar! – Now ultimet works as the following meterpreter payloads: reverse_tcp, bind_tcp, reverse_http, reverse_https, bind_metsvc <- when the stage is included, reverse_metsvc <- when the stage is included – Code got just … [Read more…]

ultimet – Compiling from source, usage examples & FAQ

For an introduction and information about what this is all about, please go here. To download ultimet, click here. Source code – github: https://github.com/SherifEldeeb/inmet Q: What are the available options? `--help` Q: I don’t like running binaries from people I do not trust, how do I compile from source? 1- Clone the source from https://github.com/SherifEldeeb/inmet 2- Open the solution in VS … [Read more…]

Creating a better meterpreter reverse_http handler…

EDIT: As of framework commit 912bfd5, the features described in this post are now part of the framework itself… learning just a little more about how MSF works… IMHO, meterpreter/reverse_http is one of the best payloads available in the metasploit arsenal; this post is about modifying the handler part so it will look less suspicious, and … [Read more…]

Using “stunnel” to run “Havij” against “HTTPS” sites.

I am all into sqlmap; however, there are situations where sqlmap just fails for one reason or another, and Havij gets the job done. One major problem with Havij is that it doesn’t work with HTTPS sites “at least for me”, and I came across a particular site with a confirmed SQLi that when I … [Read more…]

Changing meterpreter/reverse_http “User-Agent:” and “Server:” strings

EDIT 2012-07-01: Please read HD’s comment below; as of 1 July 2012, you can set “MeterpreterUserAgent” and “MeterpreterServerName” to do that from the framework itself. The meterpreter/reverse_http(s) payload’s network communications leave traces of its existence in many places, “mainly HTTP proxy logs”. One of the most obvious and easiest-to-detect signs is the “User-Agent:” header from the … [Read more…]
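The proxy-log fingerprint that this post and the reverse_http handler post above are about (a stock User-Agent string, a stock Server: header) is exactly what a defender would hunt for, so here is the other side of it. The following is an added example, not code from either post or from the Metasploit project: a small Python scanner run over constructed proxy log lines. It assumes the payload defaults of the 2012-era framework, namely the User-Agent "Mozilla/4.0 (compatible; MSIE 6.1; Windows NT)" (there is no MSIE 6.1, which is the tell) and the handler's "Server: Apache", plus the framework's checksum8 URI convention (byte sum of the path modulo 256, taken without the leading slash and without anything from the first underscore on, equal to 92 for the Windows stager's first request and 98 for session traffic). The tab-separated log layout and every log line are constructed for the example.

```python
"""Flag default meterpreter/reverse_http(s) indicators in HTTP proxy logs.

Added example for this index page; not code from the original posts or from
the Metasploit project.  Everything below rests on these assumptions:
  * the payload's default User-Agent of that era,
    "Mozilla/4.0 (compatible; MSIE 6.1; Windows NT)" (there is no MSIE 6.1);
  * the handler's default "Server: Apache" response header;
  * the framework's URI scheme, where the 8-bit checksum (byte sum mod 256) of
    the request path, leading slash removed and anything from the first "_"
    dropped, is 92 for the Windows stager's first request and 98 for session
    traffic;
  * a constructed, tab-separated log layout:
    time  client  method  url  status  server  user-agent
"""
import re
from urllib.parse import urlsplit

DEFAULT_UA = "Mozilla/4.0 (compatible; MSIE 6.1; Windows NT)"
DEFAULT_SERVER = "Apache"
URI_CHECKSUMS = {92: "INITW (Windows stager)", 98: "CONN (session)"}
FAKE_MSIE = re.compile(r"MSIE 6\.1\b")   # a version Microsoft never shipped


def checksum8(text: str) -> int:
    """Byte sum of text modulo 256 (what Rex::Text.checksum8 computes)."""
    return sum(text.encode("latin-1")) % 256


def uri_checksum_tag(url: str):
    """Return the assumed marker name if the path checksums like a meterpreter URI."""
    path = urlsplit(url).path.lstrip("/").split("_", 1)[0]
    if not path:
        return None
    return URI_CHECKSUMS.get(checksum8(path))


def score_line(line: str):
    """Return a hit dict for one log line, or None when nothing looks wrong."""
    fields = line.rstrip("\n").split("\t")
    if len(fields) != 7:
        return None  # malformed line: skip rather than guess
    _ts, client, _method, url, _status, server, ua = fields
    reasons = []
    if ua == DEFAULT_UA:
        reasons.append("default meterpreter User-Agent")
    elif FAKE_MSIE.search(ua):
        reasons.append("User-Agent claims non-existent MSIE 6.1")
    tag = uri_checksum_tag(url)
    if tag:
        reasons.append(f"URI checksum8 matches {tag}")
    # "Server: Apache" is far too common to flag on its own; it only corroborates.
    if server == DEFAULT_SERVER and reasons:
        reasons.append("handler answered with bare 'Server: Apache'")
    return {"client": client, "url": url, "reasons": reasons} if reasons else None


def scan(log_text: str):
    """Run score_line over every non-empty line and collect the hits."""
    return [h for h in (score_line(l) for l in log_text.splitlines() if l.strip()) if h]


# Constructed sample log, not captured traffic.  "xxyyz" sums to 604 -> 92,
# "zzzzz" sums to 610 -> 98; the benign paths do not hit either value.
SAMPLE_LOG = "\n".join("\t".join(row) for row in [
    ("1341100000", "10.0.0.5", "GET", "http://203.0.113.10:8080/xxyyz", "200",
     "Apache", DEFAULT_UA),                      # stock stager: three indicators
    ("1341100001", "10.0.0.7", "GET", "http://www.example.com/index.html", "200",
     "nginx", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 Chrome/20.0.1132.47"),
                                                 # "NT 6.1" is a real Windows version: benign
    ("1341100002", "10.0.0.5", "GET", "http://203.0.113.10:8080/zzzzz_0123456789abcdef", "200",
     "Apache", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"),
                                                 # UA was changed, the URI scheme still tells
    ("1341100003", "10.0.0.9", "GET", "http://www.example.org/news", "200",
     "Apache", "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/13.0"),
                                                 # Apache alone is not a hit
])

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit["client"], hit["url"], "; ".join(hit["reasons"]))
```

The third sample line is the point of both posts: once the operator sets MeterpreterUserAgent and MeterpreterServerName, the header checks go quiet, and only the URI convention is left to catch, which is why the scanner reports each reason separately instead of a single verdict.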

Creating the Cheapest “ugliest” Passive Ethernet tap on earth!

This post shows how to create a passive Ethernet tap using only an Ethernet cable and four RJ-45 connectors; it is not about creating a good passive Ethernet tap, or even about explaining what one is, as that has already been explained better by others. The result will be ugly and not optimal… but hey, it works! Passive … [Read more…]