Forum Replies Created
- Posts
Hi!
Can you share your code with the porper indentation? Otherwise I can’t tell if there’s anything wrong with it.
Also don’t use dictiorary.com as it uses https now a days. Please try it with http sites first, like this:Later on the course you’ll learn to bypass https.
Let me know how it goes!
DiegoHi!
You have never mentioned before that bettercap works, so I was just pointing out the possible things that could go wrong. Are you able to sniff http data in with bettercap?
Yeah, the arp spoof attack is working so you should be able to sniff data from http://testphp.vulnweb.com/login.php, so clear browser’s cache on victim and try it again.
Also remember to enable ip forwarding every time you want boot kali and want to try this attack, I mean echo 1 > /proc/sys/net/ipv4/ip_forwardLet me know.
DiegoHi!
First of all I want to piont out that we are learning all of these to become Ethical Hackers, not to do evil things. But when getting credentials is needed for the job then doing some phishing attack is the best way to do it, or dumping a keylogger in victim machine can also be very useful.
So gathering information about the victim is essential, then you can do any of the attacks mentioned in the course. Those are just general ideas on what you can do so you have to make the proper adjustments so it fits your specific scenario. Also let me tell you that a week is not enough to do it like a professional hacker, this take time, patience, practice and lots of researching hours.Greetings!
DiegoHi!
Did you avoid running sslstrip this time and any iptables rule? So it looks like you have internet connection now. So it might happen that your router has some arp spoofing protection, in that case the only thing you can do is disabling such protection or just arp spoof in one direction, as mentioned in the last lecture of Section 9 Post Connection Attacks, in that case you won’t be able to modify any response. So to confirm this is an issue with the router can you run arp -a in windows machine before and during the attack? And show the results here.You have mentioned that it didn’t work in the virtual lab, so how did you test it if you are not able to run 2 virtual machines?
Thanks!
DiegoHi!
BigSur has many compatibility issues. But let’s try to solve each problem at a time, first the lagging one, which VirtualBox version are you using? Which resolution are you using? You said it begins to slow down again so what did you install, update or upgrade before it begins to do it again? Because I assume it was working fine before, isn’t it?Let me know.
DiegoHi!
Look, when trying it in a real network there are many things that can go wrong and it would be difficult to debug if you haven’t even tested it in the simplest scenario. You have mentioned that it didn’t work in the virtual lab, so how did you test it if you are not able to run 2 virtual machines?
Also I have noticed something, you have directed all the packets to port 10000 but I can’t see if you have started sslstrip.So to test it in the simplest scenario flush iptables and don’t use sslstrip nor any iptables rule:
iptables –flush
iptables –table nat –flush
iptables –delete-chain
iptables –table nat –delete-chain
iptables -P FORWARD ACCEPTEnable port forwarding
echo 1 > /proc/sys/net/ipv4/ip_forwardThen run the arp spoof attack again. Are you able to sniff dta from http site like:
http://testphp.vulnweb.com/login.php
Let me know.
DiegoHi!
The very first step is to know if the backdoor works, then you can deal with AV evasion. To test it disable virus & threats real-time protection, if it works then you can try to modify it to bypass AVs.Basically bypassing AV programs is like a game of cat and mouse, so backdoors might start getting detected at some stage, then the developers release an update, this will allow you to generate undetectable backdoors, then AV programs release an update which will make backdoors detectable ……..
So the main thing is to make sure that Veil or any other tool you’re using to generate the backdoor is up to date.
Here’s a few solutions to try if your backdoor is getting detected:
1. Make sure that you have the latest version of Veil, so do updated before doing use 1.
2. Experiment with different payloads, and experiment with different payload options and you should be able to bypass it.
3. Try generating a backdoor using the fat rat, empire (tutorial link for empire in the resources of lecture 68).
4. Modify backdoor code if its in bat (covered in my social engineering course.
5. Modify backdoor using a hex editor (covered in my social engineering course).
6. Create your own backdoor (covered in my python course).
The best thing to do is look at the last lecture of the course (bonus lecture) it contains all the courses that you can take with this course and a comparison between them.Also check out this video:
Greetings!
DiegoHi!
Can you sharea screenshot of the error? And also the settings used in the apache config file.Thanks!
DiegoHi!
You can’t run before you learn to walk, what I mean is that we have to test it on a simpler scenario and then move on to a more complex one. So I’ll suggest to do it as mentioned in the course and test it first in the virtual lab, and as you mentioned that it’s not even working in the virtual lab we need to see what’s going on there.So set up the virtual machines and send the requested info.
Greetings!
DiegoHi!
What are you getting instead? Is it a meesage like “It works :)”? if you do then everything is ok, if you don’t then can you show the results of:ifconfig and route -n in kali
ipconfig in windows
Can you share a screenshot of the Network settings used in VirtualBox for both machines?Thanks!
DiegoHi!
Can you show the results of:
ifconfig and route -n in kali
ipconfig in windows (I mean windows vm)
Can you share a screenshot of the Network settings used in VirtualBox for both machines?And tere’s no need for the wireless adapter, just don’t plug it in.
Thanks!
Diego
