Kamis, 16 Juni 2016

Metasploit (hacking windows xp)

so today i'm going to show you how to use metaploit to hack windows xp. before we go to the business little explanation about metasploit

metasploit is a tool for developing and executing exploit code against a remote target machine. not just executing payload,in metasploit you can also use it as information gathering tools and many more i'm going to show you in another time but now focus on hack a windows xp now.

well it's pretty simple 

Now open your vmware now turn on your kalilinux and windows xp (i'm suggesting use unpatched windows xp sp2) inside your vmware


make sure it have an ip address and ping each other. the connection type in here i set to NAT but you also can change it into host only as long as this two OS can ping each other.

now open metasploit by typing "msfconsole" at terminal and it will magically appear (for backtrack user type "./msfconsole").

type "search netapi"

and it will show list of the windows exploit. in this tutorial i will use exploit/windows/smb/ms08_067_netapi(this is one of the explotation that is use to exploit windows xp)

type "use exploit/windows/smb/ms08_067_netapi" to load the exploit
before you commence an attack to the windows xp that are certain thing that you have to fill inside the exploit and to know that type "show options"

and it will show the necessary parameter that have to be fill but noted this not all exploit have same parameter so make sure you check the parameter every time you use an exploit.

type "SET RHOST "+ip address


after that you have to choose the payload that is suit to the exploit.
type "show exploit"and it will show list of the exploit that is compatible to the exploit

 type "set PAYLOAD windows/meterpreter/bind_tcp"

and you can check if this exploit is can be use to the target or not by simply type "check" and it will show if your choose the right exploit or not.

okay so now you can launch the attack

by simply type "run" or "exploit"


now as you can see the exploit is work we have successfully taking control of the system. now you can do anything to the target system if you want to know what can you do inside the exploit OS simply type "help " and it will show you so many command that you can use from priviledge escalation or screenshoot the desktop.

note this is for education not for malicious intend make sure if you want hack somebody computer make sure you have their permission or you will end up in jail.

have a nice day ^_^


2 komentar:

  1. We will be getting a reverse TCP connection from the victim machine by using a small backdoor using metasploit on windows.

    BalasHapus
  2. FULLZ AVAILABLE WITH HIGH CREDIT SCORES 700+
    (Spammed From Credit Bureau of USA)

    =>Contact 24/7<=

    Telegram> @leadsupplier
    ICQ> 752822040
    Email> exploit.tools4u@gmail.com

    FRESHLY SPAMMED
    VALID INFO WITH VALID DL EXPIRIES

    *All info included*
    NAME+SSN+DOB+DL+DL-STATE+ADDRESS

    Employee & Bank details included
    CC & CVV'S ONLY USA $8 FOR EACH

    $1 for SSN+DOB
    $2 for SSN+DOB+DL
    $5 for High credit fullz 700+
    (bulk order negotiable)
    *Payment in all crypto currencies will be accepted

    ->You can buy few for testing
    ->Invalid or wrong info will be replaced
    ->Serious buyers needed for long term
    ->Very fast delivery

    PLEASE DON'T ASK ANYTHING FOR FREE

    TOOLS & TUTORIALS AVAILABLE FOR SPAMMING & HACKING

    (Carding, spamming, hacking, scam page, Cash outs, dumps cash outs)

    SQL Injector = 250$
    Premium Accounts (Netflix, coinbase, FedEx, Pornhub, etc) =25$
    Paypal Logins = 150$ (10 Logins)
    Bitcoin Cracker = 500$
    SMTP Linux Root = 300$
    DUMPS with pins track 1 and 2 = 85$
    Socks, rdp's, vpn = 25$
    Php mailer = 25$
    Server I.P's = 100$ (1k ip's)
    HQ Emails with passwords = 100$ (1k emails+pass)

    *If you need a valid vendor it's very prime chance, you'll never be disappointed*

    Telegram> @leadsupplier
    ICQ> 752822040
    Email> exploit.tools4u@gmail.com

    BalasHapus