PaulDotCom mailing list archives
Re: Wake up call for friends and family using SET
From: Craig Freyman <craigfreyman () gmail com>
Date: Tue, 30 Nov 2010 19:43:25 -0700
Meterpreter runs in RAM and doesn't touch the disk. As long as you don't install metsvc or manually install a backdoor, then meterpreter will be gone when they reboot. While you're meterpretering around in their computers, make sure you use some of the cool new meterpreter scripts like the webcam one or the soundrecorder one from dark0perator. Those always seem to have the biggest impact on fam/friends. They don't really care if you can dump their password hashes, but if you can record their voices from their own computer or use the webcam on their laptop, they'll listen to you! On Tue, Nov 30, 2010 at 6:27 PM, Brian Schultz <theconqueror () gmail com>wrote:
I'm tired of explaining to my family the reasons for not opening e-mails or attachments from unknown sources and then having them forward me some sketchy e-mail saying "this is so funny, check it out". I'm sure there are plenty of you out there in the corporate world that can relate with your users. I figure it's time for me to arrange a wake up call and perform my own pentest against friends and family. I figure it would be easy enough to use SET to create a "malicious" website that will change their wallpaper and blast an e-mail out to everyone. My only concerns are...how do I go about getting Meterpreter off of their machine? The last thing I want to do is screw up everyone's computer. Sorry if this comes across as a dumb question, I haven't played around with SET or metasploit before. I'll probably figure this out as soon as I click send but it would be nice to hear from someone else or at least a point in the right direction. Thanks _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Wake up call for friends and family using SET Brian Schultz (Nov 30)
- Re: Wake up call for friends and family using SET amdinside (Nov 30)
- Re: Wake up call for friends and family using SET Craig Freyman (Nov 30)
- Re: Wake up call for friends and family using SET Kenneth Voort (Dec 01)
- Re: Wake up call for friends and family using SET Craig Freyman (Dec 01)
- Re: Wake up call for friends and family using SET Ryan Sears (Dec 01)
- Re: Wake up call for friends and family using SET Ron Gula (Dec 01)
- Re: Wake up call for friends and family using SET Brian Schultz (Dec 01)
- Re: Wake up call for friends and family using SET Daniel Holiday (Dec 01)
- Re: Wake up call for friends and family using SET Daniel Holiday (Dec 02)
- Re: Wake up call for friends and family using SET Zate Berg (Dec 02)
- Re: Wake up call for friends and family using SET Daniel Holiday (Dec 03)
- Re: Wake up call for friends and family using SET Zate Berg (Dec 03)
- Re: Wake up call for friends and family using SET Daniel Holiday (Dec 02)