Scenario Based Hacking Part 4 (OS And Software Patched, No AV, Behind NAT)
Description:
We introduced Scenario based Hacking in the Metasploit Megaprimer Part 17. Please have a look there first before you begin this series, to understand the context. This is Part 4 of Scenario Based Hacking (SBH).
Please begin by watching Part 1, if you have not already done so. In this video, we will look at a scenario in which the victim has both the OS and the software patched, and is behind a NAT. However, the victim does not have an AV. We will create custom trojans using Msfpayload and Msfencode to deal with this case. With a little luck and some social engineering a gullible victim will run our trojan and then GAME OVER! :)
Please do leave your comments behind and let me know what you think!
Tags: basics
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
Comments:
Awesome video tutorials. I've watched almost all of your group tutorials. They are really great. I've been a silent admirer of yours.
plz provide a video in which the
OS patched
Software patched
with AV and behind NAT
and please provide some tutorials on web site exploits.
Thanks Vicky!
A lot of interesting scenarios have been planned! Stay tuned.
Great, Great Videos.....
Please finish out series...
How to deal with AV etc...
Thanks again.
May I request for the next scenario ...??
How about if there is a firewall? Because that thing often happens in the real world, where any Windows XP by default would have a firewall ...
In addition to using the data transfer on the target can not we open a particular port? because it is less plausible that if we wait for the target to download the data.
Then in addition to Windows XP, can you do exploits against Windows 7 (because at this time the target is rarely using Windows XP on a laptop) ...
Last ...
if you can also discuss how to exploit using metasploit when the target we are using Linux.
Go-go-go Vivek... god bless you...
and... "Have a Nice day" hahahahahhahaha..
regards,
g33k1ux
Great Tut....
I enjoyed videos...
I am eagerly waiting for next scenario...
Thank you so much for ur great efforts....
Vivek, very glad you are taking this approach for this series. I couldn't agree more about the various courses which concentrate only on tools and not on real-world scenarios. Thanks for sharing your knowledge. I look forward to more!
I followed all the Metasploit Mega Primer serie + SBH, you are doing an awesome job! I followed some ethical hacking trainings and it's the first that I see someone who is talking about some "real world" situations (even if it's more usual to deal with more recent and protected OS than Windows XP "unAVed" and "unFirewalled"...).
I have one suggestion : would it be possible to increase the sound quality? I don't know if it's a recording or encoding issue, but sometimes the sound is really crappy compared to the image quality.
Long life to SecurityTube!
Greets from Switzerland
Vivek, I'm wondering if you plan to continue creating videos, they are excellent. It seems all the videos were posted on the same day in February, but that doesn't really reveal much on when they were created. I hope you continue to make videos.
Thanks
This series was awesome, very useful, tnx
Excellent videos! I only hope you add more to this section to give more of a 'realistic' scenario like you said in your MS Megaprimer series (ie: attacking Firewalls, IDS, AV, Win7, maybe even Mac/Linux?)
@ dEXtEr1ty, I agree on both. Excellent approach to the subject matter, but the series here has a scratchy audio output.
This video series is like receiving a key to a brand new (net)world. (-:
More, we like to see more :D
=) Thanks. Keep 'em coming!
These tutorials are the best!
It would be great to see a scenario with Windows 7 and a firewall.
And I have a question: I've noticed that in all videos we are on the same network as the victim PC, but what if we aren't? How can we use nmap and metasploit then? (For example, at home I have two routers and I've tried to exploit a computer which was connected to the second router using the IP which I found on: http://whatismyipaddress.com/, but failed)
Impressive tutorial, I would however request that the audio be enhanced as some of the background sound is unnerving.
Superb tuts Vivek... pls give a scenario where the victim is behind NAT, with updated AV, and OS & software patched...
sir,
Back-Track 5 (Gnome & KDE) is released and I have downloaded it. So, I found some typical problems in that and am having trouble understanding some of the new tools.
So can you please try to make a Back-Track 5 Super-Mega-Primer.
and many many and many thanks for other primers. I really learned so many things from those videos. Thanks for damn revolution.
Jagmohan :-)
hey an i love ur videos
can you please do some of these when the windows machine is running windows 7 with everything up as in AV, firewall behind NAT and such..would be greatly appreciated thank you
since it's what almost everyone has nowadays
Thanks man, that really helps me a lot
>>>keep going<<<
We are so interesting for posting new videos more complicated as Josias suggested ....it'll be great!
Eagerly waiting for next one in the series.....can you tell us when will it be up?
These videos are "THE BEST" on the internet.. please make more videos in this series, where victim is protected by firewall, AV on and OS Patched...!! THAAAANK you!
BIG FAN!!!
Again Vivek, great work. Please continue this series, I am learning so much and your work is of the highest quality (other than some sound quality issues). Like everyone else I also wish to see some videos with Win7 as the victim. Thanks again.
Scenario Based Hacking is Much more exciting than post exploitation.. i am very excited for your next videos!
ThanxxxxxxxxxxX!
Thanks for all the comments guys! We have launched a SecurityTube Metasploit Framework Expert Certification today:
http://www.securitytube.net/smfe
The first 25 signups will receive discounted seats! Please hurry :)
Great videos, keep up with the good work. Well done.
I was wondering when you will make the video with a much, much more complicated scenario such as [OS and Software patched, Firewall and Router, NAT]. Thanks
1st of all thanks for the videos....they r awesome...the way you teach is very good...pls try the toughest scenario... ......
try the scenario when both users are behind NAT... both using dynamic IP... what if your ISP doesn't provide you with port forward.... If the router is yours.. then you can have that setting.. but what if it's not yours?
Nice videos Mr Vivek, but pls could u give us a sample demo on how to send it through mail or web? Thanks in advance..
need a megaprimer on web application security...thank you
Why don't u continue the video series after Scenario-Based-Hacking-Part 4? Where is Scenario-Based-Hacking-Part 5?
Extremely educative videos! I have watched through most of the Metasploit Megaprimer series and now I am desperately waiting for this series to continue. Meanwhile I began watching "Wireless LAN Security and Penetration Testing Megaprimer" and I only get more excited within each video. You even make me laugh at some points. I appreciate for what you are doing and can't wait for the next episode of scenario based hacking. Great job, keep it up!
Vivek, your videos are awesome! Could you please make a video demonstrating this technique using a MITM attack?
Totally awesome. Many thanks
Great stuff Vivek, but how do you do all this over the internet and how can you make the trojan persistent so it launches itself after a reboot?
Best regards,
daytona
great work, wish you complete this series ... Thanks for great video series
What if both Attacker and Victim are behind NAT...Will you please upload such scenario...
Hello sir,
I am a Dot Net developer. Nice tutorial, but I could not understand. In the daily scenario most users accessing the internet are using the best AV on their computer/laptop, how can I break system and information gathering.
Inside their computer/laptop, AV and firewall stop an attacker, in that scenario what can I do. Sorry for my bad English.
hello sir,
your video tutorials are very much helping me to understand Metasploit and I believe no one can make it simpler than you, but sir... your scenario based hacking is good for remote computers or the computers in the same network... I want to learn how we can use the link generated by Metasploit over the internet or with computers in different networks... please help me...