Here we show how to dns_spoof website requests, creating a fake webpage, a binded backdoor with a vbs script and capture a victims keystrokes. 1# We create our meterpreter reverse_tcp payload and then bind it to a legitimate installer for use on our fake update webpage. (all website requests for chosen sites will be redirected to the attacker) 2# Once the victim runs the installer the vbs script then runs the backdoor. 3# We then install the backdoor permanently to run upon bootup and connect back to the attacker at timed intervals. #Finally we capture the victims keystrokes. DG Consulting UK copyright 2010 www.dgpcrepairs.co.uk We are not responsible for misuse of this video. We purposely encoded the backdoor prior to this demo for av evasion so as not to show the encoding scheme. ... ;(more info)
