Forum Replies Created
- AuthorPosts
Diego Pérez
Moderator
Hi!
Is it your own network? Remember we can only try any attack against our own network.
Can you share a screenshot with the results of wash where we can see your network?
Can you share a screenshot with the reaver command used and the result please?
Thanks!
Diego
Diego Pérez
Moderator
You’re welcome!
Greetings!
Diego
Diego Pérez
Moderator
Hi!
Your code looks ok, ignore the pycharm warnings, it uses a virtual environment and not your system library so it can’t find scapy. The important thing is that the scripts work in kali’s terminal.
Was your Windows VM up and running while scanning the network?
Can you show the results of:
ifconfig and route -n in kali
ipconfig in windows
Can you share a screenshot of the Network settings used in VirtualBox for both machines?
Thanks!
Diego
Diego Pérez
Moderator
Hi!
Cool you got it!
Diego
Diego Pérez
Moderator
Hi!
Cool you got it!
Diego
Diego Pérez
Moderator
Hi!
The easiest is to have 2 different adapters to target each band because any adapter will work better if it targets 1 band at a time.
What you can do is create several virtual wireless interfaces from wlan0, and run each one of them against a separate band, keep in mind there’s a very HIGH chance of this failing but you can try it anyway, so first do
ifconfig wlan0 down
to disable our interface, then enable monitor mode on it like so
iw wlan0 interface add mon0 type monitor
iw wlan0 interface add mon1 type monitor
This will create 2 new interfaces for you in monitor mode, mon0 and mon1, which you can use in different terminal windows to launch de-auth attacks against different networks.
Greetings!
Diego
Diego Pérez
Moderator
Hi!
Yeah, that happens with the latest wine installation (veil needs wine to compile the backdoors).
Can you try this solution:
apt update
apt install -y gnome-shell-extension-dashtodock
Then reboot the machine and the dock should be back. The login screen will look different but just click on “Not listed?” so you can log in as root.
Let me know how it goes!
Diego
Diego Pérez
Moderator
Hi!
Ok, now let’s make sslstrip work first, so just run the arp spoof attack, set the proper iptables rule, then go to the victim machine and check that the arp spoofing attack is working by checking the arp table, if it does then clear the entire browser’s cache and type stackoverflow in the browser’s address bar without prepending https://
Let me know how it goes!
Diego
Diego Pérez
Moderator
Hi!
Ethical hacking has more to do with enterprise network environments, web applications, applications in general, etc. So social media hacking is more of a black hat thing, as mentioned some ethical hacking jobs will require getting credentials but not necessarily from social media or hacking into someone’s Facebook, that’s most of the time out of the scope.
Yeah, changing settings directly in veil can help, let me tell you that just being detected by 9 AVs is a good number, but as you have seen Zaid modified some values in the script or in the executable (using a hex editor), this will be more efficient while trying to bypass AVs but requires more knowledge in order to avoid screwing up the code, but you’ll learn by trying things out and screwing it up haha. Also there were some recent attacks by some APTs that used undetectable backdoors created with Golang and some other technologies, but the main point here is those hackers managed to create undetectable backdoors by coding them from the ground, that’s the best solution but it requires a very advanced coding knowledge and obfuscation techniques, so you can do it as well, it will just require time, patience and a lot of reading.
Also your cousin might just guess your password, I mean both of you know each other well so it might not be difficult to guess passwords.
Greetings!
Diego
Diego Pérez
Moderator
Hi!
Are you trying it in kali itself, right? Can you change username for uname in your code? Then try it again.
Let me know how it goes!
Diego
Diego Pérez
Moderator
Hi!
Let’s solve one issue at a time, can you share the error you mentioned about veil? Was it after downloading it or installing it?
Are you sure you are using the latest custom kali image provided by Zaid? It’s important!
Let me know.
Diego
Diego Pérez
Moderator
Hi!
You can copy it and use the code button to keep indentation, or upload it to pastebin and share the link here.
Greetings!
Diego
Diego Pérez
Moderator
Hi!
You can upload them to any image hosting service and then share the link here.
Greetings!
Diego
Diego Pérez
Moderator
Hi!
Yeah, this is not so straightforward, you’ll need to do many tries and manual modifications.
Basically bypassing AV programs is like a game of cat and mouse, so backdoors might start getting detected at some stage, then the developers release an update, this will allow you to generate undetectable backdoors, then AV programs release an update which will make backdoors detectable ...
So the main thing is to make sure that Veil or any other tool you’re using to generate the backdoor is up to date.
Here’s a few solutions to try if your backdoor is getting detected:
1. Make sure that you have the latest version of Veil, so do update before doing use 1.
2. Experiment with different payloads, and experiment with different payload options and you should be able to bypass it.
3. Try generating a backdoor using the fat rat, empire (tutorial link for empire in the resources of lecture 68).
4. Modify backdoor code if it’s in bat (covered in my social engineering course).
5. Modify backdoor using a hex editor (covered in my social engineering course).
6. Create your own backdoor (covered in my python course).
The best thing to do is look at the last lecture of the course (bonus lecture), it contains all the courses that you can take with this course and a comparison between them.
Also check out this video:
Greetings!
Diego
Diego Pérez
Moderator
Hi!
I just tested it and it works as expected. The steps I follow:
– Check ip from victim machine.
– Run the ettercap attack with all the arguments needed.
– Check on windows machine that the arp table has been modified.
– Clear browser’s cache.
– Visit http://testphp.vulnweb.com/login.php and log in.
– Credentials are displayed in ettercap.
So if the arp spoofing attack is working then you should be able to sniff credentials, you can also run wireshark in the background before visiting vulnweb page and capture all the packets, then search among the results and you should be able to find the credentials.
Greetings!
Diego