Hack Windows, Linux or MAC PC using Java Applet JMX Remote Code Execution
This module abuses the JMX classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in January of 2013. The vulnerability affects Java version 7u10 and...
DumpIt – RAM Capture Tool
This utility is used to generate a physical memory dump of Windows machines. It works with both x86 (32-bits) and x64 (64-bits) machines. The raw memory dump is generated in the current directory, only...
Volatility - An advanced memory forensics framework
The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM)...
Android Reverse Engineering: See Source Code of Android Apps
I am going to discuss how we can see the source code of Android apps and maybe modify/hack it according to our own convenience. Various attackers use this technique to inject their own malicious code...
Exploit Windows PC using Freesshd Authentication Bypass
This module exploits a vulnerability found in FreeSSHd <= 1.2.6 to bypass authentication. You just need the username (which defaults to root). The exploit has been tested with both password and...
Hack Windows, Linux or MAC PC using Java Applet AverageRangeStatisticImpl...
This module abuses the AverageRangeStatisticImpl from a Java Applet to run arbitrary Java code outside of the sandbox, a different exploit vector than the one exploited in the wild in November of 2012....
Attacking on Windows, Linux or MAC PC using Java Applet Method Handle Remote...
This module abuses the Method Handle class from a Java Applet to run arbitrary Java code outside of the sandbox. The vulnerability affects Java version 7u7 and earlier. Exploit Targets: Java 7 Update...
Windows Manage Memory Payload Injection
This module will inject a payload into memory of a process. If a payload isn't selected, then it'll default to a reverse x86 TCP meterpreter. If the PID datastore option isn't specified, then it'll...
Hack Remote Windows Passwords in Plain Text with WCE
Windows Credentials Editor (WCE) is a security tool that allows you to list logon sessions and add, change, list and delete associated credentials (e.g. LM/NT hashes, plaintext passwords and Kerberos...
How to Check Enabled Remote Desktop Service in Network with Metasploit
This module checks a range of hosts for the MS12-020 vulnerability. This does not cause a DoS on the target. Exploit Targets: Windows PC. Requirement: Attacker: Backtrack 5; Victim PC: Windows 7. Open backtrack...
Hack Remote Windows Password using Keylogger in Meterpreter
Once you have the meterpreter session, use the 'ps' command to display a list of running processes on the target. The next step is to migrate Meterpreter to the winlogon.exe process. Victim...
How to Hide File in Remote Victim PC
Once you have the meterpreter session, use the 'shell' command to get a command prompt on the target. Type attrib +h +r +s (drive name) d:/Folder Name and press the Enter button to activate it. This will hide your...
Hack Remote Windows PC using VMWare OVF Tools Format String Vulnerability
This module exploits a format string vulnerability in VMWare OVF Tools 2.1 for Windows. The vulnerability occurs when printing error messages while parsing a malformed OVF file. The module has been...
How to get the Admin Access of Remote PC using Windows Kernel Intel x64...
The shellcode disables kernel Code Signing and will grant NT SYSTEM privilege to specified Application or already running process (PID). Exploit successfully tested on Windows 7 SP0/1 (x64) and Windows...
How to Lock/Unlock Folder in Remote Victim PC using Metasploit
Once you have the meterpreter session, use the 'shell' command to get a command prompt on the target. Type Cacls (Folder Name) /e /p everyone:n and press Enter. This will lock your “Movies Folder” folder from D...
Solving OWASP Bricks Challenge #3 using SQLMap and Havij
OWASP Bricks is a free and open source learning platform for web application security. It comes with lots of levels/challenges, also known as 'bricks'. Each brick has some sort of vulnerability....
Hack netNTLM Credential using Microsoft Word UNC Path Injector
This module modifies a .docx file that will, upon opening, submit stored net NTLM credentials to a remote host. It can also create an empty docx file. If emailed, the receiver needs to put the document...
Windows Manage User Level Persistent Payload Installer
Creates a scheduled task that will run using service-for-user (S4U). This allows the scheduled task to run even as an unprivileged user that is not logged into the device. This will result in lower...