Showing posts with label hacking tools. Show all posts

Monday, November 26, 2012

BeEF module for Geolocation Tracking (via Wireless Access Points)

I have ported my code over to BeEF (#beefproject, http://beefproject.com/). My module is not in the repository yet.
1. Meanwhile, you can download the attached file and extract it to /pentest/web/beef/modules/host/. After that, you should be able to access the module in BeEF, as shown in the screenshot below.

2. The user will receive the popup below in their web browser. You can change the name of the Java applet to something more discreet than what I have named it.

Within seconds, you should be able to get the geolocation of the remote user.

You can download the BeEF module via one of the below links if you do not want to wait for it to be committed to the repository.
https://www2.dropbox.com/sh/cxpafqhpscszfoe/8bGfta5G5W/get_physical_location.zip
I will be doing a write-up in the next couple of days about what I learned while writing a BeEF module with Java applet integration.
I hope it can help other people who are just getting started with BeEF development.
Let me know if you have any suggestions. Thanks!

Hacking Beyond The Browser with BeEF (Robbing Your Wireless Keys)

Pauldotcom has a very interesting post, “Retrieving Clear Text Wireless Keys from Compromised Systems”, at http://pauldotcom.com/2012/03/retrieving-wireless-keys-from.html
As mentioned in the post, this works on Windows Vista and 7.
I have written a BeEF module called “Get Wireless Keys” which automates the process of robbing the victim of the wireless keys using a signed Java applet.
Follow the steps listed on https://github.com/beefproject/beef/wiki/BeEF-and-Backtrack-5 in order to download BeEF. My module is now available in the repo.
If you are new to BeEF, you can find some video tutorials here: https://github.com/beefproject/beef/wiki
This acts as a bridge that allows hacking beyond the browser: once you connect to the victim’s wireless networks from your computer using the stolen wireless keys, you will easily be able to compromise other systems on the network.

Upon launching the module against the victim, the victim will get a popup on his browser.  The victim would need to click “Run” in order for this to work.

You will see the output below in the BeEF console. This means that the victim has executed the Java applet and the applet has returned some results.

The screenshot below shows that the wireless profiles on the victim’s computer have been saved to /pentest/web/beef/exported_wlan_profiles.xml

The next thing that we need to do is to import the wireless profiles into your Windows Vista/7 computer.

You should be able to connect to the wireless networks that have been saved on the victim’s computer without any password prompts.
You might want to use this module together with the “get physical location” module that I have written to identify the actual location of the wireless access point that the victim uses at home or in the office.
That is, if you are within close proximity to the victim. If not, this module is useless to you.
Alternatively, you could mass-mail the link to BeEF to every email address that you can find that belongs to a domain.
If you are using pre-shared keys instead of WPA/WPA2 Enterprise in your organisation, then all it takes is one person in the organisation clicking Run on the Java applet alert popup for you to get pwned.
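
The exposure described above can be checked from the defender's side. The following is an added example, not part of the original post or the BeEF module: it classifies Windows WLAN profile XML as pre-shared key or 802.1X and reports whether the key is stored unprotected in the file, without ever returning the key. It assumes the standard Windows WLAN profile schema; the sample profiles and the names `audit_profile` and `_profile` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"w": "http://www.microsoft.com/networking/WLAN/profile/v1"}
SEC = "w:MSM/w:security/"

def _profile(name, auth, one_x, shared_key=""):
    # Builds a constructed sample profile (not taken from the original post).
    return (f'<WLANProfile xmlns="{NS["w"]}"><name>{name}</name><MSM><security>'
            f'<authEncryption><authentication>{auth}</authentication>'
            f'<encryption>AES</encryption><useOneX>{one_x}</useOneX></authEncryption>'
            f'{shared_key}</security></MSM></WLANProfile>')

PSK_PROFILE = _profile("ExamplePSK", "WPA2PSK", "false",
    "<sharedKey><keyType>passPhrase</keyType><protected>false</protected>"
    "<keyMaterial>DUMMY-VALUE</keyMaterial></sharedKey>")
ENTERPRISE_PROFILE = _profile("Example8021X", "WPA2", "true")

def audit_profile(xml_text):
    """Classify one exported profile; never returns the key itself."""
    # Intended for admin-supplied exports; use defusedxml for untrusted XML.
    root = ET.fromstring(xml_text)
    auth = root.findtext(SEC + "w:authEncryption/w:authentication", "unknown", NS)
    one_x = root.findtext(SEC + "w:authEncryption/w:useOneX", "false", NS)
    uses_8021x = one_x.strip().lower() == "true"
    shared = root.find(SEC + "w:sharedKey", NS)
    # A key is readable from the file when <protected> is false and key material is present.
    cleartext = (shared is not None
                 and shared.findtext("w:protected", "", NS).strip().lower() == "false"
                 and shared.find("w:keyMaterial", NS) is not None)
    if uses_8021x:
        risk = "lower: per-user credentials, no shared network key in the profile"
    elif shared is not None:
        risk = "high: one exported profile exposes the key every client shares"
    else:
        risk = "review: no 802.1X and no shared key (open network?)"
    return {"name": root.findtext("w:name", "?", NS), "auth": auth,
            "uses_8021x": uses_8021x, "cleartext_key_in_file": cleartext, "risk": risk}

if __name__ == "__main__":
    for doc in (PSK_PROFILE, ENTERPRISE_PROFILE):
        print(audit_profile(doc))
```
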

Sunday, November 25, 2012

Hack Remote Computers using PRORAT


Hi guys. Today I am going to show you how to set up ProRat and how to hack a computer using it. Well, I am going to finish up the RAT setup articles with this. I will give the countermeasures in my next article. As I haven’t written any articles on direct-connection Trojans, I decided to write this one on ProRat.
If you are new to RATing, it is strongly recommended that you read my previous articles, which give you all the basic and advanced stuff about RATs.

Hack Remote Computers using EXTREME RAT
Trojans and RATs- Know The Facts
DARK-COMET v4.2 RAT TUTORIAL

Procedure to set up ProRat

STEP 1. First of all, download ProRat from here. Once it is downloaded, extract it. A password prompt will come up. Enter the password. The password is "pro".

STEP 2. Open up the program and you should see the following window.



STEP 3. Click on the "Create" button in the bottom. Choose "Create ProRat Server".


STEP 4. Next, put in your IP address so the server can connect to you. You need not enter your IP address manually; just click on the little arrow and it automatically fills in your IP address.
Next, put in your e-mail so that when and if a victim gets infected it will send you an email.


STEP 5. Now open General Settings. This tab is the most important tab. Here we will choose the server port the program will connect through, the password you will be asked to enter when the victim is infected and you wish to connect to them, and the victim name. As you can see, ProRat has the ability to disable the Windows firewall and hide itself from being displayed in the Task Manager. Just follow the steps as shown in the figure.


STEP 6. Click on the Bind with File button to continue. Here you will have the option to bind the trojan server file with another file. You can select an image, text file or PDF file, so as to make the victim trust your file.


STEP 7. Click on the Server Extensions button to continue. Here you choose what kind of server file to generate. I prefer using .exe files.


STEP 8. Click on Server Icon to continue. Here you will choose an icon for your server file to have. The icons help mask what the file actually is.


STEP 9. After this, press Create Server; your server will be in the same folder as ProRat. Start giving this file to your victim. When the victim double-clicks the file, his computer will be in your control.


STEP 10. Now the hacker has a lot of options to choose from. He can do many funny things with the victim’s computer.



NOTE: In this tutorial, I put the victim’s IP as 127.0.0.1 as I am testing it on my computer. In order to hack a remote computer, you need to get the IP address of your victim. If you don't know how to find an IP address, you can read my article on finding out a remote IP address from here.

How to hack an IP address of a remote computer


Hope you enjoyed the tutorial. Feel free to leave your comments for further doubts and clarifications.