Friday, October 28, 2016

Week 7 Update

This week I continued to work with the executable file that I was able to have Kali create. I tried to send the file to the remote machine through the network, but I ran into issues while I was trying to get that to work. I think the only way I am able to do that is to either send the file through email or have it as a download on a website. I'm still looking into those options, but for the time being I put the file on a flash drive and opened it on the remote machine. The remote machine's antivirus flagged the executable and actually said that it was a virus (which was good). So to run my file I ended up turning off the antivirus. The file creates a TCP connection between my Kali machine and the remote machine, and I am able to use Meterpreter to control the remote machine. I was able to run a full-blown Windows command line and from there create files and open applications on the remote machine.

I also am continuing to work with wireless and I am trying to see if I can make a rogue access point that my test clients connect to and then steal their login credentials or something similar to that. I also want to see about running exploits on machines connected to a shared Wi-Fi network to mimic how a business Wi-Fi network is set up.


Friday, October 21, 2016

Week 6 Update

I haven't done the best job when it comes to updating my blog. I forgot to update last week and the week before. I have finished setting up my test network environment within VirtualBox. I have a simple Windows Server 2012 R2 running Active Directory with three different Windows 8.1 machines connected to my domain. I also have Kali Linux set up and running in another virtual machine connected to my local LAN. I also finished setting up my pfSense router, which is handling all the networking between the virtual machines. Right now I have a mini network running with my different machines and I am able to ping between all of them.

This week I continued reading about Kali and focused on Metasploit. I am still trying to learn how I can use this against the machines in my network. This week I was successfully able to create an executable file from the Metasploit framework and place it on one of my other test machines. The executable is a reverse TCP handler and when the client opens it on their machine it creates a connection back to my Kali VM and from there I am able to run commands on the remote machine.

I plan to continue working with this and see what else I can do.