A smal Video about use Aerial with mitmproxy. Show a easy method for the Certificate install on different Device, and a little "magic" DNS-Spoofig.
https://vimeo.com/114373690
Ozzy
A smal Video about use Aerial with mitmproxy. Show a easy method for the Certificate install on different Device, and a little "magic" DNS-Spoofig.
https://vimeo.com/114373690
Ozzy
Thanks for the share Ozzy! I found this useful.
A new small Demo-Video about:
- Mitm Attack with Arp-Spoofing (Subterfuge)
- Inject a Javascript Beef-Hock (Subterfuge)
- Pentest Windows7 with AV
- XSS Inject with Beef/Cobaltstrike (Beef / Cobaltstrike)
- Use Beacon to Bypass UAC for System-Rights (CobaltStrike)
- Pentest Android (CobaltStrike)
https://vimeo.com/118536932
ozzy
a new small demo video
https://vimeo.com/user2284430/videos
Pentest-W7 Part. 2 (Xss) Automated Fake FlashPlayer-Update with: Beef - Subterfuge - Veil-Evasion - Cobaltstrike
In this Demo-Video you can see:
- Make a Beacon (Backdoor) with Cobaltstrike & Veil (Undetekt)
- Change Icon of the Beacon.exe
- Automated Inject a Fake FlashPlayer-Update in different Browser with Cobaltstrike (IE,Safari,Opera,Firefox)
- Install Persistent Beacon-Backdoor as Task
ozzy
Thank you ozzy66 for your presentation. I think tha the beefstrike attack is the most sexy i've ever seen. This kind of attack worked for me either with subterfuge or with mitmFramework for the ARP poisoning ( i prefer the mitmF). However i see an error at the beef log and at the cobaltstrike log which i think is on the same basis. The beef log says" [!] Invalid JSON input for module '2' " and the cobaltstrike log says: " Exception in thread "Thread-67" java.lang.RuntimeException: Failed : HTTP error code : 500
at com.eyesopencrew.BeefRequestThread.run(BeefRequest Thread.java:42)
Exception in thread "Thread-68" java.lang.RuntimeException: Failed : HTTP error code : 500
at com.eyesopencrew.BeefRequestThread.run(BeefRequest Thread.java:42)
ERROR: net.sf.json.JSONException: JSONObject["value"] not found.
ERROR: net.sf.json.JSONException: JSONObject["value"] not found.
Hi
open the beef_strike.cna give a look on the "imprort ............ *.jar Lines. Some jar files are missing, you must search on the internet the *jar files an save it at the right plase or change the path in the beef_strike.cna
ozzy