Show Posts
1
Tutorials / Injecting payload into softwares via HTTP
« on: June 17, 2015, 10:51:19 pm »
Demo Link:https://youtu.be/FMahvXMYuT4
Hi, this is a quick demo about how to backdoor executables (software) sent over
HTTP using MITMF, backdoor factory
This attack works on LAN
REQUIREMENTS:
Kali Linux or any Linux OS
Wireless USB Adapter e.g. (TL-WN722N)
MITMf (man-in-the-middle framework) https://github.com/byt3bl33d3r/MITMf
MSFconsole or Armitage
LAN network, same as the target/victim
ATTACK SCENARIO:
Machine A-victim
Machine B-attacker
A situation where machine A wants to download a software for example winrar, the victim goes through google and lands on the page (http://www.win-rar.com/download.html?&L=0) the attacker is already waiting to inject payload into binaries served over (HTTP)
This attack is possible because a lot of tool websites still serve binaries via non-SSL/TLS means
Staff Edit: Why ruin your content with that large bbcode and poor formatting?
Hi, this is a quick demo about how to backdoor executables (software) sent over
HTTP using MITMF, backdoor factory
This attack works on LAN
REQUIREMENTS:
Kali Linux or any Linux OS
Wireless USB Adapter e.g. (TL-WN722N)
MITMf (man-in-the-middle framework) https://github.com/byt3bl33d3r/MITMf
MSFconsole or Armitage
LAN network, same as the target/victim
ATTACK SCENARIO:
Machine A-victim
Machine B-attacker
A situation where machine A wants to download a software for example winrar, the victim goes through google and lands on the page (http://www.win-rar.com/download.html?&L=0) the attacker is already waiting to inject payload into binaries served over (HTTP)
This attack is possible because a lot of tool websites still serve binaries via non-SSL/TLS means
Staff Edit: Why ruin your content with that large bbcode and poor formatting?