Hello guys I have a theoretical situation. John was on a 3 week cruise for vacation along with some coworkers. John doesn't like his coworkers and one of them happens to have a brand new 4g wireless USB card for his laptop. Not only his John good at hacking but his social engineering skills a great too. But John needs some malware that will give him control over the Wlan. His co-worker is running windows 7.
What kind of malware is out there that would allow me to accomplish this? or would I need to write on myself. I have basic knowledge in metasploit and nmap but in the situation we're not connected to the same Lan. Any ideas?
4 Responses
If intercepting network traffic for social engineering is what you... I mean John wants, using dnsspoof and the social engineering toolkit would be a good way of getting creds. If he wants to control the laptop itself, then metasploit is a good place to start. It might be a good idea if John checks John's coworker's laptop for AV software if John wants to use metasploit.
Tell John good luck.
I meant that john wants to get the virus on his computer that will allow John to run something like meterpreter over the wireless lan in his laptop (Assuming he has one). Im assuming that there is are malware like this and i just suck at using duckduckgo. Or am i wrong and would have to write one myself?
Ok! Here's the deal.
John's on a cruise ship. John's coworker has a 4G modem. Does John have access to the 4G modem? If yes! John is in luck!
Install Kali, or if you're running Linux install dnsspoof, metasploit, SEToolkit and Apache or Lighttpd .
Write your own social engineering page make it similar to the 4G modem web ui, and brand it and such, do what you like with the page, I would reccomend you should make it look like an update for the 4G modem. On that page either (using SEToolkit) generate infectious media like a malicious word doc, or straight up make an executable. You can do this easily with SEToolkit. Host the page and the malicious file on your laptops webserver, and then use Dnsspoof to redirect all page requests to your laptop. It's up to you how likely you are to get that precious meterpreter prompt. Once you're in, you will want to install persistence, perhaps to a remote server, digital ocean droplets are cheap now a days.
pry0cc
Thank you very much, I'm new to the scene. I used to work on repairing computers for a few years and just recently got into hacking, Very detailed explanation.
Share Your Thoughts