Metasploit fakeUpdate v0.1.3

Posted June 12th, 2010. Filed under Security Stuff

What is this?
The first release of metasploit-fakeUpdate (MFU). This is a bash script to automate ‘Manning in the Middle’ to ‘pwn’ whoever it can, via giving them a “Fake Update” screen. The attack is transparent (allowing the target to afterwards surf the inter-webs once they have been exploited!), and the payload is either SBD (Secure BackDoor – similar to netcat!) or VNC (remote desktop).

How does this work?
> Sets up a DHCP and web server
> Creates an exploit with metasploit.
> Waits for the target to connect, download and run the exploit.
> Once successfully exploited it grants access to allow the target to surf the inter-webs.
> Uploads a backdoor; SBD or VNC, via the exploit
> The attacker has the option to run a few ‘sniffing’ programs (from the dnsiff suite) to watch what the target does!

Mai multe informatii + download script aici : http://g0tmi1k.blogspot.com/2010/05/script-video-metasploit-fakeupdate-v011.html

Leave a Comment

Powered by HaxTor | CopyWrong © 2011