TuX^

http://www.theregister.co.uk/2011/05/04/sony_implicates_anonymous/ We know for a fact now that Anonymous, or someone within Anonymous acting to their own accord had something to do with the PlayStation hack. Not so Anonymous now, huh?

Yeah, just figured that out. I see that now. I was trying to work out how to encode it again using msfencode (don't know args or syntax for it) just done a quick google search but didn't reveal an awful lot. TuX

Last updated this morning. And yes, I'm using BT4-R2 :)

Hi, I went to the SET directory, and then SRC (Where I think the .exe is located) Can anyone tell me the filename? I found 1 .exe and a few .binary's in the child folders of SRC. None of which were flagged up by VirusTotal. TuX

Thanks Hexophrenic, I'll check that out when I get a chance. As for my payload SOMETIMES bypassing Avast, I still can't figure it out.. Both Windows 7 Pro.. Any ideas? TuX

Hi Infiltrator, no it's not there. Here's something weird.. I tried the Exploit on the machine I was testing all along with no luck, because the AV was running. BUT I also tried it on my machine (The one BackTrack is hosted from) and it worked, it bypassed the AV.. Any reasons why? TuX

I encoded it when the SET asked me to, using a backdoored executable. Where is the encoded file stored before it attacks the victim? Far too tired to be thinking about it now. TuX

I'd upload the file to both sites if I had any clue where to find it :P TuX

Hi Infiltrator, I was just using the Java Applet Attack method, and encoded it using a backdoored executable (The one that was recommended) and it was picked up. I was running Avast at the time. Where is the file to upload? I'll see what VirusTotal says about it. Kind regards, TuX

Thanks again Digip, I'll have a look at them later on. Regards, TuX

Hi Digininja, I can only get the connection with the AV turned off, thats where I'm stuck. Regards, TuX

Hi guys, It's me again. Just thought I'd let you know about my first half-successful pen-test on a windows 7 machine. I used Metasploit to pull this one off. For the scenario, pretend I used social-engineering to get the login credentials (I didn't, it's my machine. It's certainly possible though) From there I used the PSEXEC exploit to gain access to a reverse shell (Tested this a few times, sometimes it brings up a command prompt and other times it brings up a Meterpreter session..?) In the Meterpreter shell I successfully migrated to explorer.exe and started the keylogger. Typed in a fake username and password in Notepad on the victim machine. Went back to BackTrack and dumped the contents of the logging. It worked! Only problem is, I don't know how to get round the AV. Any ideas? Kind regards, TuX

@Trip, No bother. And thanks for all the help you've given me. TuX

Trip, I used a different payload.. Haven't had the time to work on it more yet. All I managed to do was get to command prompt.. Create / delete users / privilege escalation and file manipulation. Thanks for all the help guys, TuX

Hi Guys, I've managed to get in by binding the port and connecting through that, and it works! :D Thanks all, TuX

Thanks Digip, I wasn't using that IP as the rhost, I was using the IP of the machine I'm trying to attack. And as far as I can see there is nothing else running on that port, like I said, I tried a couple of other ports as well. Regards, TuX

I'm doing NetCat on port 1337 now, but I have tried others to carry out the same exploit and got the same error. Any other suggestions? Much appreciated, TuX

Just tried again, got: Handler failed to bind to [My IP] Handler failed to bind to 0.0.0.0:1337, exploit exception: The address is already in use (0.0.0.0:1337) Any ideas? Have I done RHOST or LHOST wrong or something? I have no idea, and there seems to be a lack of documentation. Regards, TuX

Thanks, Infiltrator! I get the following error when I try to run exploit -z: Exploit exception: The address is already in use (0.0.0.0:4444). Have I done lhost and rhost the wrong way round or something? Thanks, TuX

Hi Guys, I've got BackTrack 4 set up on a virtual machine. I'm trying to exploit my own Windows 7 box using the Social Engineering Toolkit. Trying to do a Website Attack Vector, then a Java Applet Attack. Selected Web Templates, then Gmail. Then using a Windows Shell Reverse Payload. To avoid detection from Anti-Virus I'm using a backdoored executable. Port for the listener is 443. Now, the Console says Command shell session 1 opened. Like it should, but what are the commands? Check or exploit don't work and I'm at a bit of a loss. Feel free to come smack me upside the head if you think I'm being stupid, but I'm new. Regards, TuX

Why do you think he's looking for a manual? ;)

Thanks for all the replies guys :) Would BlackBuntu be worth using? I've got that as an ISO and have had a quick fiddle. Just need to find some tutorial on it. I couldn't get on the Internet or anything with BackTrack (Probably just lack of drivers). I'll have a look into all the suggestions, thanks! :) TuX^

My opinion of Samsung have completely changed after reading this post. Wasn't too long ago Sony was installing rootkits onto computers. Really makes you wonder..

Hi guys, I'm a newbie and basically thought I'd introduce myself and ask a few simple questions. :) I'm an apprentice IT Technician / Network Admin but I'm very interested in network and computer security / hacking and all other interesting stuff that get's mentioned on Hak5. I've been loitering around for a while and reading some threads and realizing just how much I have to learn. Which is where you come in, is there any good beginners guides that you would recommend reading? Or is the majority of it just Googling? I'm starting to watch the show and have learnt bits and bobs from that, so I guess that's useful too. Any pointers would be appreciated. I know I'm a newbie but everyone's gotta start out somewhere, right? Thanks, TuX^

This is just ridiculous. This could quite easily put men and women's lives at stake. Are they aware of this or do they simply just not care? TuX^