Welcome back my fellow hackers! Today we're going to be deviating from our antivirus evading escapades to discuss a tool … [Read More...]
Featured Articles
Evading Anti-virus Part 2: Obfuscating Payloads with Msfvenom
Welcome back hackers. In the last edition of our journey into evading anti-virus, we used Shellter to infect EXEs with a … [Read More...]
Mobile Hacking Part 4: Fetching Payloads via USB Rubber Ducky
Welcome back my fellow hackers! In the last installment, we built a fork bomb to introduce ourselves to the USB rubber … [Read More...]
Latest Blog Updates
Loading...How to Steal Windows Credentials with Mimikatz and Metasploit
Welcome back my fellow hackers! Today we're going to be deviating from our antivirus evading escapades to discuss a tool that I've recently started using, Mimikatz. Mimikatz is a tool to automate many Windows hacking tactics. The capabilities of mimikatz stretch much further than a single article, so today we're going to be focusing on a basic function of mimikatz, stealing Windows credentials straight from memory. Lucky for us, Rapid7 has included mimikatz into Metasploit, which makes it very easy to use. In our exercise today, we're going to be compromising a Windows 7 VM and using Mimikatz within Metasploit … [Read More...]
Evading Anti-virus Part 2: Obfuscating Payloads with Msfvenom
Welcome back hackers. In the last edition of our journey into evading anti-virus, we used Shellter to infect EXEs with a payload. Today we're going to be taking it down a notch and talking about obfuscating payloads with msfvenom. Obfuscation is the concept that we can take our payload and change its signature. If we can change its signature, it can help us to get past anti-virus. Obfuscation in and of itself is usually not enough to fool today's anti-virus, but it may be effective against out-of-date or some lesser anti-virus software. That being said, its still important that we review and understand … [Read More...]
Evading Anti-virus Part 1: Infecting EXEs with Shellter
Welcome back my fellow hackers! Today we're going to be entering some new territory. When we're attempting to compromise a system, we need to be stealthy. A part of this stealthiness is learning to evade antivirus software. To start us on this journey, we're going to be talking about a tool called Shellter. Shellter is a tool that allows us to inject payloads into a legitimate Windows executable (EXE) file. This injection allows us to disguise a payload as a real executable, which can drastically increase our chances of getting past antivirus. In order to demonstrate this technique, we're going to be injecting … [Read More...]
Mobile Hacking Part 4: Fetching Payloads via USB Rubber Ducky
Welcome back my fellow hackers! In the last installment, we built a fork bomb to introduce ourselves to the USB rubber ducky. This time around, we're going to be using the USB rubber ducky to fetch a payload from our attacker machine. Doing this should allow us to gain access to any system where the use of the USB rubber ducky is feasible. Step 1: Set up the Listener In order to serve and catch the reverse connection from our payload, we're going to be using the web delivery module in Metasploit. We can start Metasploit on our attacker machine (a Kali Linux VM hosted on VMWare's ESXi). To start Metasploit, we … [Read More...]
Mobile Hacking Part 3: Intro to USB Rubber Ducky for Keystroke Injection
Welcome back hackers! Today we're going to be continuing our mobile hacking series with the introduction of some special equipment. We're going to be setting up and making a payload for the USB rubber ducky. The USB rubber ducky is a small USB device that will act as a keyboard when plugged into a PC. This allows us to inject whatever keystrokes we want into the victim PC in a matter of seconds. As a starter, since it's our first time using the USB rubber ducky here, we'll be making a payload that will write a fork bomb in Python and execute it. So, let's get started! Step 1: Unpacking and Setting up Once … [Read More...]
Like Us On Facebook
Become a Member
