Friday, August 21, 2009

Karma Exploit




This video is on using karma exploit from metasploit on Backtrack 4.An Attacker setup his own fake Accesspoint in monitor mode, DHCP daemon and a web server daemon.Attacker runs Metasploit's karma exploit.The moment IP is assigned to victim's PC , all the activity is logged at the attacker's machine including the URL visit and credentials used for mail and web.
Attacker now has full comtrol on victim's machine....

Wednesday, August 5, 2009

Sniffing And HTML Injection




This video explains various examples of network sniffing and HTML injection with Ettercap-NG tool on BackTrack-4 on a Local Area Network.Shows how an attacker can change text of chat messages within LiveMessanger using ettercap filters and also using Ettercap plugin,Filters,filterf_modify,file-inject. An Attacker can even find who else is ARP poising on LAN using search_poisoning ettercap plugin.