Saturday, January 14, 2012

Metasploit over Internet (Forget the LAN limitations)

Here is the another good tutorial of Metasploit (not by me this time). This article is written by the admin of thawildcard.com. And Thanks to my friend NotieBoie for leading my attention to this problem that if we do some common metasploit attack, it only happens in the LAN (most of the attacks), but now here is the solution.


This tutorial is for people behind a router (local area network/wireless network)

Your router is the gateway to the internet, it holds the external IP address and its job is to route and manage computers in the network. It also has a firewall feature which blocks incoming connections. In order to get connections routed to your computer/machine you will need to configure the router to forward ports to your device.

This can be done by accessing your router via any web browser. Type in the routers IP address in the URL of your web browsers and log in, look for Port forward or Virtual Server.  Different routers have different interfaces so just browse through it until you find that option.

You will need to configure a few things on the port forward/Virtual Server, Give it a service name, IP address in the networks range i.e. 192.168.1.x, the port number that you will be using over metasploit and set the protocol. If you’re going to be using more than one port then add more to the settings and save your router.

Next step is to get the external IP address that your router holds. You can find it usually under status if not you can also go to www.whatsmyip.org and it will show you you’re external IP.

The next step is to configure Backtrack and give it a static IP. Every time your computer connects to the router the router assigns it different IP addresses. In this case go to your Virtual machine if you are running BackTrack on it and right click on the network icon at the bottom of the window. select Network Adapters and make sure its set to Bridge network adapter. You don’t want to be using NAT cause NAT  adds an extra layer of complexity which can make it more likely that the guest will have connectivity issues, especially with the outside world (i.e. the Internet).

In bridged networking, your network card just provides multiple connections to the same network. If your goal is to have your guest behave exactly the same as if you had just plugged another physical computer into your network, you will probably want to use the bridged networking option. So continuing on with the tutorial Select Bridge Network adapter.

Go ahead and open WCID network manager and select properties. Set a Static IP and make sure its the same IP you set on your router. submask is usually 255.255.255.0 on smaller networks. Gateway will be your routers IP address. next set DNS 1 to 8.8.8.8 and DNS 2 to 8.8.4.4 these are Google’s public DNS resolution service you can find more info on this at http://code.google.com/speed/public-dns/ save and connect. The next step is to test your connection open a terminal and ping google.com. Make sure its sending and receiving data packets. If it success’s then great! if not then it could be the VM machine.

I had trouble getting a static IP using VMware workstation on BT 5 R1 64 bit it could set it to static but would not actually connect to the internet.

Now you are almost set.

Fire up metasploit now there is a few ways of doing this.



1. If your using a browser exploit then you would set the SRVHOST to your local static IP and for the PAYLOAD you would use 0.0.0.0 and then give the victim the address of your external ip i.e. http://yourexternalIP:portnumber/dshjhkd38732 . Keep in mind some ISP’s Block port 80 so use an SRVPORT that’s different then port 80



2. If you are just sending a PAYLOAD then you would set that PAYLOAD using your external IP address and then the multi/handler’s LHOST to your internal IP. That way the victim connects straight to your router and your router forwards the connection to your machine while your machine is waiting for the connection.

Here is a short video tutorial using the browser exploit  http://vimeo.com/33604474

Hope this helps. Good Luck and Happy Hacking

Share it

 

The Hacker News

There was an error in this gadget