Episode 21 - XSS Tunnel
Patchy
XSS Shell is a cross-site scripting backdoor into the victim’s browser which enables an attacker to issue commands and receive responses. During a normal XSS attack an attacker only has one chance to control a victim’s browser; however, the XSS Shell keeps the connection between the attacker and the victim open to allow the attacker to continuously manipulate the victim’s browser. XSS Shell works by setting up an XSS Channel, an AJAX application embedded into the victim’s browser, that can obtain commands and send back responses. To enable the XSS Shell, an attacker needs to inject the XSS Shell’s JavaScript reference by utilizing an XSS flaw on a website. Once the victim’s browser is infected with the XSS Shell and the XSS Channel is created, the attacker can issue instructions to the infected browser. Also, the attacker can use an XSS Tunnel to transfer HTTP traffic through the XSS Channel and the victim’s browser, in turn exploiting the victim’s credentials to bypass authentication and IP restrictions. The XSS Tunnel is an HTTP proxy that sits on the attacker’s computer, and any tool that is configured to use it will tunnel its traffic through the XSS Channel.
Live Stream Here
Download Here
Download XSS Shell and Tunnel
Posted in Videos |
5 Comments
Underground - Password Phishing
Patchy
Phishing is a method of obtaining sensitive information such as usernames and passwords by pretending to be a trusted website. Tehdead shows us a variety of password phishing techniques that enable an attacker to trick a user into giving up their login information. The first step is to create a fake login identical to the login on the trusted website. In order to not raise suspicion, Tehdead explains two methods to capture the victim’s credentials and then transfer them to the real website. One method is to submit the information to a PHP page that is disguised as a pop-up advertisement, and the other is to send the username and password to a similar PHP page that is contained in an iframe. Lastly, Tehdead describes how to use link manipulation with BBCode to social engineer a victim into going to the fraudulent website.
Full Scale Video Here
Download Here
If you would like to submit a video to Infinity Exists Underground, send an email describing your video to underground@infinityexists.com
Posted in Underground |
5 Comments
Beer Pong Table
Patchy
The last few days I’ve been helping my friend Charlie construct his Illinois State University (ISU) Beer Pong Table. The legs and supports of the table are made from his roommate Brandon’s hockey sticks, and the table top is made of plywood with a 1/8″ sheet of acrylic on top. Our friend Tyler etched ISU’s mascot, Red Bird, into the acrylic; it was done free-hand with a Dremel (Compare his etching to image). Tyler also did the text on the table: “ISU” and “What you call Addiction … We call Dedication”. I did the LED array and the wiring; when the LEDs are lit, the light catches the etching in the acrylic. The LED controller I made allows you to switch between the LEDs being constantly on or controlled by an audio input. However, the LEDs we used are only lit at a specific voltage, so it doesn’t work very well.
Full Scale Video Here
Download Here
Pre-Amp Schematic
Posted in Vblog |
4 Comments
Underground - Windows SMB Relay Exploit
Patchy
In this Underground video, Overide demonstrates how to obtain root access on a fully patched Windows XP SP3 machine. He exploits a flaw in Windows Server Message Block (SMB), which is used to provide shared access to files between hosts on a network. Overide utilizes the Metasploit Framework to run the exploit. It works by relaying an SMB authentication request to another host, which provides Metasploit with an authenticated SMB session, and if the user is an administrator, Metasploit will be able to execute code on the target computer, such as a reverse shell. For this exploit to run, the target computer must try to authenticate to Metasploit. Overide forces the target computer to perform an SMB authentication attempt by using an Ettercap filter.
Full Scale Video Here
Download Here
Download Ettercap Filter Here
For more information on the Metasploit Framework and Ettercap Filters check out Video Archive - Exploit Hacking, Underground - Metasploit Autopwn, and Episode 20 - Ettercap.
If you would like to submit a video to Infinity Exists Underground, send an email describing your video to underground@infinityexists.com
Posted in Underground |
13 Comments
Episode 20 - Ettercap
Patchy
For this episode of Full Disclosure, we illustrate the many features of Ettercap. Ettercap is a program designed to sniff passwords on a LAN. It can recognize several different packets that contain passwords, including HTTP, Telnet, FTP, POP, Rlogin, SSH1, ICQ, SMB, MySQL, NNTP, X11, IRC, IMAP, VNC, SNMP, MSN, YMSG, etc. Furthermore, Ettercap can utilize Man in the Middle attacks to hijack packets and redirect them to the attacker’s computer, allowing it to extract passwords. In this episode, we show you how to use ARP Poisoning, DHCP Spoofing, and Port Stealing MITM attacks and explain how they work. Also, we explain how to configure Ettercap to sniff encrypted passwords over the Secure Sockets Layer (SSL and HTTPS). Moreover, Ettercap can be easily programmed to modify network traffic with the use of filters. We demonstrate how to make many different Ettercap filters. Ettercap comes with numerous plugins to extend its abilities; we explain how to use the Check Poison, Re-Poison, DNS Spoofing, Isolate, DoS Attack, Find IP, Gateway Discover, Search Promisc, Arp Cop, and Scan Poisoners plugins. Lastly, we demonstrate how to use Ettercap’s Passive OS Fingerprinting feature. Ettercap supports passive dissection of many protocols, allowing it to identify a host’s operating system and services.
Live Stream Here
Download Here
This Full Disclosure episode is very lengthy, almost 50 minutes, so if you have any questions feel free to ask them on the forums.
Download Ettercap (Linux)
Download Ettercap (Windows)
Filters:
Irongeek’s Image Altering Filter
Patchy’s Wordpress Filter
Patchy’s Myspace Filter
Posted in Videos |
5 Comments