Ethical Hacking - GAINING ACCESS(14)

一、服务器及软件准备1.centos7 x64 系统2.openvpn-as-2.10.3_c47a813c-CentOS7.x86_64.rpm 服务器端软件，web及后端服务3.openvpn-as-bundled-clients-25.rpm 服务器端软件，内部包含了Windows、mac os的客户端软件。4.pyovpn-2.0-py3.6.egg.客户端汉化版4094许可

在微信公众号开发中，access_token 是一个非常重要的令牌，用于授权和调用微信开放平台的各类 API。根据不同的场景，可以通过不同的方式获取 access_token。主要有两种常见的获取方式：通过 app_id 和 app_secret 获取的 access_token：这种 access_token 是全局唯一的，用于调用大多数微信公众平台接口。通常用于服务器端的 API 调用，如获取

CLIENT SIDE ATTACKS - Listening for connections 1. Run Metasploit Move the backdoor file to the webserver folder. And download it on the target machin

Gaining Access Introduction Everything is a computer Two main approaches (1)Server Side Do not require user interaction, all we need is a target IP! S

CLIENT SIDE ATTACK - BeEF Framework Hooking targets using MITMF Tools: MITMF and BeEF Start BeEF and execute the following commands: python2 mitmf.py

CLIENT SIDE ATTACKS - BeEf Framework Browser Exploitation Framework allowing us to launch a number of attacks on a hooked target. Targets are hooked o

CLIENT SIDE ATTACKS - Trojan delivery method - using email spoofing Use gathered info to contract targets. (e.g. Maltego, Google ... etc.) Send an ema

CLIENT SIDE ATTACKS - Social Engineering Social Engineering Information gathering Tool: Maltego Gathering Information About Target's Facebook Account,

CLIENT SIDE ATTACKS - Backdooring exe' s Download an executable file first. VEIL - FRAMEWORK A backdoor is a file that gives us full control over the

Server Side Attack Nexpose - Analysing Scan Results and Generating Reports OS and Software Inforation. Services Information HTTP Service Detailed Info

Server Side Attack Analysing scan results and exploiting target system. Go to the Analysis page and find the target host. Scan restult - services: Sca

Server Side Attacks - INFORMATION GATHERING Need an IP address. Very simple if target is on the same network (netdiscover or zenmap). If target has a

Server Side Attacks - NEXPOSE NeXpose is a vulnerability management framework, it allows us to discover, assess and act on discovered vulnerabilities,

CLIENT SIDE ATTACKS - Spoofing backdoor extension Change the extension of the trojan from exe to a suitable one. Make the trojan even more trustable.

Sever side attacks code execution Let‘s analyze the Zenmap scan result first and search for something vulnerabilities about Samba smbd 3.x. We find th

CLIENT SIDE ATTACKS Social Engineering Gather info about the user(s). Build a strategy based on the info. Build a backdoor based on the info.

Server Side Attacks NeXpose - configure and launch a scan Configure and initialize the application. Browse https://localhost:3780 and active the syste

Server Side Attack Install Metasploit cummunity/pro and active it. Create a new project for the target - Mestaploitable machine and start the scan. St

CLIENT SIDE ATTACKS - Detecting Trojan manually or using a sandbox Analyzing trojans Check the properties of the file. The file type of a trojan is ap