Forum Replies Created
Diego Pérez (Moderator)
Hi!
For the results of the dns.spoof module, just run this command in the bettercap terminal when you have done all your settings:
get dns.spoof.*
Also keep defender disabled. To bypass it:
Basically bypassing AV programs is like a game of cat and mouse, so backdoors might start getting detected at some stage, then the developers release an update, this will allow you to generate undetectable backdoors, then AV programs release an update which will make backdoors detectable ……..
So the main thing is to make sure that Veil or any other tool you’re using to generate the backdoor is up to date.
Here’s a few solutions to try if your backdoor is getting detected:
1. Make sure that you have the latest version of Veil, so do update before doing use 1.
2. Experiment with different payloads, and experiment with different payload options and you should be able to bypass it.
3. Try generating a backdoor using the fat rat, empire (tutorial link for empire in the resources of lecture 68).
4. Modify backdoor code if it’s in bat (covered in my social engineering course).
5. Modify backdoor using a hex editor (covered in my social engineering course).
6. Create your own backdoor (covered in my python course).
The best thing to do is look at the last lecture of the course (bonus lecture); it contains all the courses that you can take with this course and a comparison between them.
Also check out this video:
Hope it helps!
Diego

Diego Pérez (Moderator)
Hi!
Cool you got it!
Diego

Diego Pérez (Moderator)
Hi!
Yeah, it will be safest to download it in a virtual machine and then upload it to a service to run any test.
Greetings!
Diego

Diego Pérez (Moderator)
Hi!
Use these commands to install it for python3:
apt-get install build-essential python-dev libnetfilter-queue-dev
pip3 install -U git+https://github.com/kti/python-netfilterqueue
Maybe first uninstall the versions you have already installed.
Let me know how it goes!
Diego

Diego Pérez (Moderator)
Hi!
Which script are you using?
Yeah, those iptables rules will cut the connection if you are not running any script that uses netfilterqueue.
Let me know.
Diego

Diego Pérez (Moderator)
Hi Peter!
It’s a bit more complicated, you have to add a LaunchDaemon or LaunchAgent, depending on the privileges you have. Here you can read more about it:
https://www.sentinelone.com/blog/how-malware-persists-on-macos/
Hope it helps!
Diego

Diego Pérez (Moderator)
Hi Peter!
1. Install pynput using pip. How are you running the command? Are you prepending sudo?
2. Which numbers? I mean, which part of the keyboard?
Let me know.
Diego

Diego Pérez (Moderator)
Hi!
Can you share your fixed code?
Thanks!
Diego

Diego Pérez (Moderator)
Hi Justin!
Cool you got it!
Diego

Diego Pérez (Moderator)
Hi!
Are you sure you are using the latest custom kali image provided by Zaid? If so, can you try to update beef?
apt update
apt install beef-xss
Then try the commands again.
Let me know how it goes!
Diego

Diego Pérez (Moderator)
Hi!
Did the backdoor work if you run it on its own?
Can you share the result of get dns.spoof.* ?
Let me know.
Diego

Diego Pérez (Moderator)
Hi Peter!
It looks like this part of the submit_form function has an extra indentation:
    if method == "post":
        return self.session.post(post_url, data=post_data)
    return self.session.get(post_url, params=post_data)
It should be at the same level as the for loop, not inside of it.
Let me know how it goes!
Diego

Diego Pérez (Moderator)
Hi!
It could happen for many different reasons. First, if the script interacts with the command line, as Zaid explained when compiling the backdoor. Also, it can be because Defender or any AV is preventing the executable from running; this can happen when it needs to connect with another device or service, or just some libraries fail to compile properly using pyinstaller. There’s another tool that can be used, it’s called py2exe; try to do some Google research and you’ll find it.
Hope it helps!
Diego

Diego Pérez (Moderator)
Hi!
Are you sure you are using the latest custom kali image provided by Zaid?
Did you add the card to the USB list as shown in lecture 11? If you did, then make sure that you don’t physically connect the card to the computer until Kali is fully booted, connect the card, then go to the devices menu (beside the file menu) >> USB >> Click your device.
If you’ve already done the above, then please try the following suggestions:
– Experiment with connecting the adapter before and after Kali fully loads, and after you log in as root.
– Experiment with setting the adapter to use USB 2 and USB 3.
– Make sure you connect the adapter directly to the computer, don’t use a hub or an extension.
– And experiment with connecting the adapter to different USB ports.
Hope it helps!
Diego

Diego Pérez (Moderator)
Hi!
Did your backdoor work if you run it on its own?
Can you show me the following please:
1. Result of ifconfig in Kali.
2. The result of ipconfig in Windows.
3. The configuration for evilgrade.
4. The result of show options before running the multi handler.
5. Bettercap’s version and command used to start it.
6. The contents of arp spoof caplet.
7. The result of: get dns.spoof.*
Let me know.
Diego