According to Amit Malik a.k.a. DouBle Zer0 Zer0: as stated by "Jabra", we can execute a malicious file on the target machine via Java applet execution. This is a very nice technique. This video is based on the same concept but with a slightly more ADVANCED approach.
The overall concept of the video is that we can execute multiple files on the target machine via a single applet execution, and this multiple-file execution helps us in many ways: if one attack fails, the second attack works for us; if the second fails, the third works for us, and so on. For simplicity I am demonstrating only TWO file executions via the same applet. Attack methodology:
1) Execute a Meterpreter file on the target machine. This will fail when our victim uses an up-to-date anti-virus, so control passes to the second attack, in which I am poisoning the HOSTS file.
2) Execute a malicious HOSTS file on the target that poisons the target machine's original HOSTS file. By poisoning the file we can redirect our victim to our fake pages! Please understand that the full working of the name resolution process is BEYOND the scope of this post, but in short: when you type www.google.com [or any other URL] in your browser, the name resolution process starts, because we have to use IP addresses to communicate over the internet. Before performing DNS queries over the internet, the system first searches for the URL in its cache; if the entry is not in the cache, the system searches for the entry in the HOSTS file, and if the entry is not in HOSTS, it searches for it over the internet. So by poisoning the HOSTS file we can redirect the victim to our IP address. For example, if we put the entry 192.168.1.3 paypal.com in the HOSTS file, then when the victim types paypal.com in the browser, it is redirected to our IP (192.168.1.3) instead of the original IP address.
Above is the attack methodology, but one may ask how it helps in a pentest [this is something you have to figure out yourself]. Basically we can control any web-based authentication like web-based VPN access, admin control panels, etc. Benefits: 1) HIDS and NIDS are meaningless. 2) It can screw up a security professional.
Thanks to Amit Malik a.k.a. DouBle Zer0 Zer0 (m.amit30 gmail com) for submitting this video to us.
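The name-resolution order described in the post is also what a defender checks: any hostname pinned in HOSTS to a non-loopback address bypasses DNS entirely, so a HOSTS audit catches this kind of poisoning. The following is an added example, not code from the video or its author; the sample HOSTS content and the watch list are constructed assumptions.

```python
import ipaddress

# Constructed sample HOSTS content (assumption): comments, tabs, several names per line.
SAMPLE_HOSTS = """\
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
127.0.0.1       localhost
::1             localhost
192.168.1.3\tpaypal.com www.paypal.com   # not part of the stock file
10.0.0.5        intranet.example.corp
"""

# Names that legitimately live in HOSTS; anything else pinned to a non-loopback address is worth a look.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}

# Constructed watch list (assumption): names that should never be pinned, e.g. your VPN portal.
WATCH_LIST = {"paypal.com", "www.paypal.com"}


def parse_hosts(text):
    """Parse HOSTS text into dicts {line, ip, names}. Comment-only and blank lines are
    skipped; a line whose first field is not an IP is kept with ip=None for reporting."""
    entries = []
    for n, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            entries.append({"line": n, "ip": None, "names": fields})
            continue
        entries.append({"line": n, "ip": ip,
                        "names": [f.lower() for f in fields[1:]]})
    return entries

def audit_hosts(text):
    """Return one finding string per suspicious HOSTS entry."""
    findings = []
    for e in parse_hosts(text):
        if e["ip"] is None:
            findings.append(f"line {e['line']}: unparseable entry {e['names']}")
            continue
        addr = ipaddress.ip_address(e["ip"])
        for name in e["names"]:
            if name in WATCH_LIST:
                findings.append(f"line {e['line']}: watch-listed {name} -> {addr}")
            elif not addr.is_loopback and name not in LOCAL_NAMES:
                findings.append(f"line {e['line']}: {name} -> non-loopback {addr}")
    return findings
```

On a real host, read `C:\Windows\System32\drivers\etc\hosts` (or `/etc/hosts`) into `audit_hosts` and alert on any finding; pairing this with a file-integrity check on the HOSTS path catches the overwrite itself.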
Multilevel Attack With A Java Applet