{"id":6725,"date":"2013-11-24T16:50:10","date_gmt":"2013-11-24T19:50:10","guid":{"rendered":"http:\/\/www.ethicalhacker.com.br\/site\/?p=6725"},"modified":"2019-07-16T12:13:03","modified_gmt":"2019-07-16T15:13:03","slug":"criando-trojan-msfvenom","status":"publish","type":"post","link":"https:\/\/www.ethicalhacker.com.br\/site\/2013\/11\/exploits\/criando-trojan-msfvenom\/","title":{"rendered":"Criando Trojan MSFVENOM"},"content":{"rendered":"<p>Neste pequeno artigo mostrarei como criar um cavalo de troia utilizando o Msfvenom, ou seja, a combina\u00e7\u00e3o do Msfpayload e Msfencode<\/p>\n<p>Atrav\u00e9s de t\u00e9cnicas de engenharia social, um atacante poderia obter acesso a m\u00e1quina da v\u00edtima.<\/p>\n<p><strong>Corre\u00e7\u00e3o :<\/strong><\/p>\n<p>Treinamento , Firewall,\u00a0 Antiv\u00edrus atualizado<\/p>\n<p><strong>Requisitos:<\/strong><\/p>\n<p>Kali Linux<\/p>\n<p>Windows 7 \u2013 Firewall disabled<\/p>\n<p>N\u00edvel \u2013 Iniciante<\/p>\n<p><strong>Aten\u00e7\u00e3o:<\/strong><\/p>\n<p>Conte\u00fado elaborado com finalidade educativa e objetivo did\u00e1tico, nenhuma m\u00e1quina foi invadida, todo o exerc\u00edcio foi executado em ambiente confinado e atrav\u00e9s de m\u00e1quinas virtuais.<\/p>\n<p><span style=\"color: #ff0000;\"><strong>Invadir Sistemas \u00e9 Crime !<\/strong><\/span><\/p>\n<p>Passo 1: Criando o troiano atrav\u00e9s do msfvenom<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/134.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-6726\" title=\"1\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/134-300x239.png\"  alt=\"\" width=\"300\" height=\"239\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/134-300x239.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/134.png 753w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>Passo 2: Habilitando Python Simple HTTP Server na m\u00e1quina invasora<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/223.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-6727\" title=\"2\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/223-300x244.png\"  alt=\"\" width=\"300\" height=\"244\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/223-300x244.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/223.png 749w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>Passo 3: M\u00e1quina v\u00edtima baixa troiano existente no servidor Python da m\u00e1quina invasora<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/318.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-6728\" title=\"3\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/318-300x255.png\"  alt=\"\" width=\"300\" height=\"255\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/318-300x255.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/318.png 753w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>Passo 4: M\u00e1quina v\u00edtima executa troiano<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/416.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-6729\" title=\"4\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/416-300x254.png\"  alt=\"\" width=\"300\" height=\"254\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/416-300x254.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/416.png 749w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>Passo 5: Tomando m\u00e1quina da v\u00edtima com Metasploit<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/516.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-medium wp-image-6730\" title=\"5\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/516-300x235.png\"  alt=\"\" width=\"300\" height=\"235\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/516-300x235.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/516.png 748w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>At\u00e9 a pr\u00f3xima !!!<\/p>\n<p>&nbsp;<\/p>\n\r\n\t\t<div class='author-shortcodes'>\r\n\t\t\t<div class='author-inner'>\r\n\t\t\t\t<div class='author-image'>\r\n\t\t\t<img src='https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/186048_100001838322519_1550894_n-11668_57x57.jpg' alt='' \/>\r\n\t\t\t<div class='author-overlay'><\/div>\r\n\t\t<\/div> <!-- .author-image --> \r\n\t\t<div class='author-info'>\r\n\t\t\t<p>Autor: S\u00edlvio C\u00e9sar Roxo Giavaroto<\/p>\n<p>\u00c9 MBA Especialista em Gest\u00e3o de Seguran\u00e7a da Informa\u00e7\u00e3o,\nTecn\u00f3logo em Redes de Computadores, C|EH Certified Ethical Hacker,\natua como Pentest e Analista de Seguran\u00e7a em Servidores Linux no\nGoverno do Estado de S\u00e3o Paulo, Professor Universit\u00e1rio , Instrutor\nC|EH e C|HFI.<\/p>\r\n\t\t<\/div> <!-- .author-info --><\/p>\r\n\t\t\t<\/div> <!-- .author-inner -->\r\n\t\t<\/div> <!-- .author-shortcodes -->\n","protected":false},"excerpt":{"rendered":"<p>Neste pequeno artigo mostrarei como criar um cavalo de troia utilizando o Msfvenom, ou seja, a combina\u00e7\u00e3o do Msfpayload e Msfencode Atrav\u00e9s de t\u00e9cnicas de engenharia social, um atacante poderia obter acesso a m\u00e1quina da v\u00edtima. Corre\u00e7\u00e3o : Treinamento , Firewall,\u00a0 Antiv\u00edrus atualizado Requisitos: Kali Linux Windows 7 \u2013 Firewall disabled N\u00edvel \u2013 Iniciante Aten\u00e7\u00e3o: [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":6731,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,101],"tags":[],"class_list":["post-6725","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-exploits","category-tutorial-backtrack"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/6725","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=6725"}],"version-history":[{"count":8,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/6725\/revisions"}],"predecessor-version":[{"id":10450,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/6725\/revisions\/10450"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media\/6731"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=6725"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/categories?post=6725"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/tags?post=6725"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}