A guide on how to hack computers that have no services running using rshells and the Funny Game social engineering email.
Guide Contents
Introduction
Note: Credit goes to Xephael
This guide will walk you through the steps of setting up an rshell server and forcing an employee on a target computer to send you an rshell. This method requires you to obtain an employees email account (username and password) from the target computer, however this guide will not walk you through obtaining that. It is recommended that you become familiar with the other systems in the game (exploits, social engineering, networks, and general computer usage) before attempting missions which require rshells.
This guide will also not cover hacking networks with no forwarded ports, it is specifically for computers that have no ports when nmapped from within the network.
Step 1: Set Up Rshell Server
- Buy a rental server or use one you have already
- Download rshell-server and rshell_interface from your hackshop onto that rental
- Run rshell-server
- Run Browser.exe 192.168.0.1:8080
- On the port forwarding page forward the port 1222 (internal and external) to the rental’s LAN ip 192.168.0.2
Step 2: Send the Funny Game Email
- Get the email login information of a user on the target computer
- Run Mail.exe
- Click the account change button (looks like an icon of a person)
- Log into the target’s email account
- Select the Funny Game social engineering template
- Put the same email you logged into in the “To:” input (yes the person is sending this email to themself, just go with it)
- Click the shooter exe attachment
- Enter the public ip of your rshell server rental, along with the rshell server port (1222)
- Send the email
Step 3: Use the Rshell
- From your rshell server rental run rshell_interface
- Select the rshell for the IP you just sent the email to
- You’re in!
Be the first to comment