watch the video onlin : http://blip.tv/jac0bn3t/backtrack-fake-updats-54
download the video onlin : http://blip.tv/file/get/Jac0bn3t-backtrackFakeUpdats710.mp4
download the index.php+pircturs : http://www.mediafire.com/?oh9d6mhj3sjm7ak
what i have use :
OS : backtrack and winxp
camtasia studio recorder and editor
all other tools can be found on backtrack 5
hacking steps :
*the attacker want to hack the computer victim
*the victim and the attacker are in the same netwrok
*the attacker scann for live hosts using nmap
*nice he found the victim ip : 192.168.1.105
*the the attacker want to make a fake updats to the sys (i have choose the windows OS you can choose any os:linux and OSX the index.php is able to now what sys is the user using)
*i have create a windows backdoor.exe and i have past is the the web directory /var/www
*i have copy and past the picturs on web directory too /var/www
*i have start my http server using apache "service apache2 start"
*so now i have server on 192.168.1.106 and allowed to any one
*but how to change the request of the victim for a web site and send it back to mine "http:192.168.1.106"
* i use ettercap and dnsspoof
*ettercap :
* -i eth0 (your interface can be found using ifconfig )
* -T ( for text mode )
* -M ( for choosing the sniffing mode )
* arp:remote (the sniffing mode that he is able to change the packet way )
* /victim ip / /router ip / (router ip can be found using route -n )
*dnsspoof
*create a list of host that you want to the victim visite and then he well be redicted to you server
* - i eth0 (choose what ever your interface is )
* -f /direrctory of the text that you have create
*start listining on on metsploite
*and voila evry time the victim gonna viste a website he well be redicted to your website after he gonna see the page the you can edite as you want ,he gonna click on downlaod botton he well have the backdoor that have create and u got hre meterpreter session very easy and nice
notes :
*sorry for my bad english and ....
music : Dash Berlin feat Emma Hewitt - Waiting