JAVA APPLET ATTACK

SO TODAY’S TOPIC IS JAVA APPLET ATTACK………

FIRST WE SHOULD UNDERSTAND WHAT IS AN APPLET….??

An applet can be described as a Java program that runs on a web browser.
Basically, the concept of a Java applet comes from the concept of embedding
within an HTML page.
To view an applet, the Java Runtime Environment (JRE) is required. The JVM can
be either a plugin of the web browser or a separate runtime environment.
Java Applet Attack is the most famous and the most successful attack method
to compromise a system.

HOW DOES IT WORKS……….??

Java Applet Attack works by infecting the JRE. It is the responsibility of the
JRE to execute the applet. Java Applet Attack works on Windows, Linux, and
Mac OS platforms

SO LETS START……..

1.OPEN A NEW TERMINAL AND TYPE setoolkit   TO OPEN SOCIAL ENGINEERING TOOLKIT.

2.NOW TYPE 1 TO OPEN SOCIAL ENGINEERING ATTACKS…….

3.NOW SELECT WEBSITE ATTACK VECTORS AND THEN JAVA APPLET ATTACK…..

A MENU LIKE THIS SHOULD APPEAR…..

5. SELECT SITE CLONER

6.NOW GIVE THE REQUIRED INFORMATION ABOUT WHETHER YOU USE A NAT/PORT FORWARDING OR NOT…

7.THEN GIVE UR IP ADDRESS…..AND THEN GIVE THE URL TO CLONE ……….

HERE WE HAVE CLONED FACEBOOK……

8. IT WILL ASK FOR PAYLOAD SELECTION….U CAN SELECT ANYONE ON THE TYPE OF EXPLOIT….HERE FOR EXAMPLE WE HAVE SELECTED…..Windows Reverse_TCPMeterpreter

9.NOW SELECT THE THE PLUGIN TO BYPASS THE ANTIVIRUS SECURITY…..HERE FOR EXAMPLE WE WILL SELECT   backdoored executable…BECAUSE IT’S BEST…

10.Afterwards, the attacker needs to specify where the server port needs to listen on.
The default port is 443

11.NOW The server has started listening on the attacker machines

12.NOW SEND THE  IP ADDRESS OR SHORTENED LINK TO THE TARGET….A POPUP SHOULD APPEAR  AS SHOWN BELOW…..

13.Once the target accepts the Java Applet Attack certificate, a Meterpreter session will
be created from the attacker’s side….

AND THE TARGET SHELL IS OPENED

• Uncategorized