Hack Windows 7 with Metasploit using Kali Linux | LINUX DIGEST
https://sathisharthars.wordpress.com/2014/05/21/hackwindows7withmetasploitusingkalilinux/
LINUX DIGEST: A Linux Engineer and Security Researcher Blog
Filed under: ETHICAL HACKING, KALI LINUX — 28 Comments
May 21, 2014
Today I am going to show how to exploit any Windows OS using Metasploit: exploiting a Windows vulnerability to log into the system without a username and password.
Before hacking, you will want to know about the Metasploit Framework. If you are new to hacking, you are less likely to know about Metasploit.
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
Its best-known sub-project is the open source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.
The Metasploit Project is well known for its anti-forensic and evasion tools, some of which are built into the Metasploit Framework.
Requirements:
1. Metasploit installed (Kali Linux distribution)
2. Ruby installed (install all of the Ruby packages to avoid any issues)
3. Two operating systems running, either as virtual machines on the same host or on physically separate machines
Msfconsole is by far the most popular part of the Metasploit Framework, and for good reason. It is one of the most flexible, feature-rich, and well-supported tools within the Framework. Msfconsole provides a handy all-in-one interface to almost every option and setting available in the Framework; it's like a one-stop shop for all of your exploitation dreams.
To launch msfconsole, enter msfconsole at the command line.
Now, once you get the msf prompt, type the below command and look for the module exploit/windows/browser/ms10_046_shortcut_icon_dllloader.
An exploit is the means by which an attacker, or pen tester for that matter, takes advantage of a flaw within a system, an application, or a service. An attacker uses an exploit to attack a system in a way that results in a particular desired outcome that the developer never intended.
The module above exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
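A defender's view of the delivery path just described, as an added example that is not part of the original post: the Windows WebDAV redirector (User-Agent Microsoft-WebDAV-MiniRedir) fetching a .LNK and then a DLL from the same server is a usable proxy-log signal. The log format, addresses, file names and the 60-second window are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import urlsplit

# Constructed proxy log lines (not from the original post):
# ISO timestamp, client IP, method, URL, quoted User-Agent.
SAMPLE_LOG = """\
2014-05-21T10:00:01 10.0.0.23 GET http://192.0.2.10/ "Mozilla/4.0 (compatible; MSIE 8.0)"
2014-05-21T10:00:02 10.0.0.23 OPTIONS http://192.0.2.10/share/ "Microsoft-WebDAV-MiniRedir/6.1.7601"
2014-05-21T10:00:03 10.0.0.23 PROPFIND http://192.0.2.10/share/ "Microsoft-WebDAV-MiniRedir/6.1.7601"
2014-05-21T10:00:04 10.0.0.23 GET http://192.0.2.10/share/a.lnk "Microsoft-WebDAV-MiniRedir/6.1.7601"
2014-05-21T10:00:05 10.0.0.23 GET http://192.0.2.10/share/b.dll "Microsoft-WebDAV-MiniRedir/6.1.7601"
2014-05-21T10:05:00 10.0.0.40 GET http://198.51.100.7/docs/readme.lnk "Microsoft-WebDAV-MiniRedir/6.1.7601"
2014-05-21T11:00:00 10.0.0.41 GET http://198.51.100.9/lib/x.dll "Mozilla/5.0"
"""

LINE = re.compile(r'^(\S+) (\S+) (\S+) (\S+) "([^"]*)"$')
WINDOW = timedelta(seconds=60)  # assumed correlation window


def find_lnk_dll_over_webdav(log_text, window=WINDOW):
    """Return sorted (client, server) pairs where the Windows WebDAV
    redirector fetched a .lnk and then a .dll from one server within `window`."""
    lnk_seen = {}  # (client, server) -> time of the most recent .lnk fetch
    hits = set()
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip malformed lines instead of failing the whole run
        ts, client, method, url, agent = m.groups()
        # Only file fetches made by the WebDAV mini-redirector are of interest.
        if method != "GET" or "webdav-miniredir" not in agent.lower():
            continue
        parts = urlsplit(url)
        path = parts.path.lower()
        key = (client, parts.hostname)
        when = datetime.fromisoformat(ts)
        if path.endswith(".lnk"):
            lnk_seen[key] = when
        elif path.endswith(".dll") and key in lnk_seen:
            if timedelta(0) <= when - lnk_seen[key] <= window:
                hits.add(key)
    return sorted(hits)


if __name__ == "__main__":
    for client, server in find_lnk_dll_over_webdav(SAMPLE_LOG):
        print(f"ALERT {client} loaded .lnk then .dll over WebDAV from {server}")
```

A hit is a lead for triage rather than proof of compromise, since legitimate WebDAV shares can also hold shortcuts and libraries.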
Now once we have found the desired module we will use this exploit by typing the below command.
msf > use exploit/windows/browser/ms10_046_shortcut_icon_dllloader
Once loaded, your msf prompt should include the loaded exploit. Given below is the image.
Now, once the exploit is loaded, we will set the payload for the exploit selected above. In our scenario we will be using a reverse TCP payload. Type the below command to set the payload.
A payload is code that we want the system to execute and that is to be selected and delivered by
Once connected, type Linux commands to browse inside the system and have full control of it.
This documentation is purely for educational purposes, so act with responsibility.
Tags: Ethical Hacking, exploit, Hacking, kali linux, metasploit framework, Microsoft Windows, msfconsole, payload, window 7, windows xp
28 Comments:
sid, July 7, 2014 at 12:01 pm
hey another good tutorial for hacking. i was looking for this attack over internet, i tried but failed, so plz make a tutorial on internet user. thanks
Tamal Kundu, August 1, 2014 at 10:14 pm
Is it possible to get the meterpreter directly.. I mean without any click or pinging… directly get the meterpreter of the target machine… as we did in the case of XP by using "exploit/windows/smb/ms08_067_netapi"? Please inform me, please help me.
Sathish Arthar, August 2, 2014 at 10:02 am
Yep, it will connect directly to meterpreter; it's an SMB vulnerability in Windows XP. If the system is patched, meaning currently updated, the meterpreter will not work.
decomboy, September 13, 2014 at 4:43 am
Very nice tutorial!! I tried this using my laptop and my desktop with Windows 7 as target. Everything went smoothly, just when I entered http://x.x.x.x (in the targeted computer), on the msfconsole (in the laptop) appeared “Sending UNC redirect to x.x.x.x” but nothing more happened.
Fatih, October 2, 2014 at 1:28 am
Yeah, have the same problem here. You should tell us which version of Windows 7 did you test with? And edition? And was it x86 or x64? And what was the exact version of Internet Explorer?
My lab got stuck on “Sending LNK file..”
Thank you so much
Fatih, October 2, 2014 at 2:23 am
and what is the version of your rubygem please?
Fatih, October 3, 2014 at 2:21 am
everybody in the comments says they have failed. Wanna reply?
BYOD, November 25, 2014 at 3:34 pm
Same problem as u guys, but good starting tutorial… (he's probably not gonna chew our food for us…)
monky, November 28, 2014 at 12:21 am
Bazzofia!
asdfg, November 30, 2014 at 7:00 pm
It didn't even work for me! It probably depends on the version of the browser and if the OS has been updated. What I would like to see is a payload that works even if it was updated.
ansaf.app, December 18, 2014 at 1:35 am
i am using kali linux (not virtual) so i have this when i exploit
Souljin, July 6, 2015 at 12:07 pm
“Now as we can see that we have one victim connected its time to login to the system. run the command session -i 1.”
I'm stuck here too, can anyone tell where to input this command?
laina gyvna, December 27, 2014 at 5:30 pm
The tutorial's good but the attack itself sucks. What kind of attack is that when you need to switch off your fw and av? Definitely not a real life attack.
Xypher, January 10, 2015 at 11:24 am
NEED HELP. All went swell, then at the *exploit* command I failed to connect. Here's the error: “[-] Exploit failed: REX::BindFailed The address is already in use or unavailable: (Ip address).” The computer I was trying to exploit was my laptop running Windows 7. I disabled the avg for a second, then exited out any running browser and ran the exploit on kali from a separate computer and I got that error… what does it mean?
April 3, 2015 at 2:33 pm
for those stuck at the sending lnk phase (after the victim opened the created file), make sure that the av (windows defender) is off… after the victim made a session with your attacker, a meterpreter session should pop up after the sending command… verify the session number by uploading the command “sessions”…
Seabride, April 23, 2015 at 7:53 pm
You guys should just create an exe file as the payload itself. If you want to check if it works, upload it to a file hosting server and download it to the targeted pc and exploit it.
In this method you don't need to configure the SRVHOST. You need to configure the LHOST to your own IP and the LPORT to any port you'd like, for example: 4321.
HUNTER3D, July 10, 2015 at 1:18 am
everyone is making tutorials based on local network, “no use”, how do we connect to external machine? RHOST xxx.xxx.xx.xxx? or different exploits?
HUNTER3D, July 10, 2015 at 1:52 am
or do we just broadcast exe or any relevant file to gain administrative privileges on web…?
Pavan, August 7, 2015 at 9:23 pm
Hi.. how can I persist this attack?