[MegaThread]Hack Victim Windows system by Backtrack 5

HrDe · 03-31-2012, 09:12 PM

Today tutorial basics come from payload, so first thing which come in your mind is
"what is payload?"

[color=#FF4500]A payload is code that we want the system to execute and that is to be selected and delivered by the Framework. For example, a reverse shell is a payload that creates a connection from the target machine back to the attacker as a Windows command prompt.A payload could also be something as simple as a few commands to be executed on the target operating system.

Step 1: Go to Backtrack 5 and open the terminal , i had done it with BackTrack5 R2 , so after starting terminal now write below write command ....

Code:
cd /pentest/exploits/set

and then press enter key.Now again type..

Code:
./set

again press enter key. For live example see below pic...

Spoiler:

Step 2: When you done step 1 then a menu open where he say to select, then you select "Create a Payload and listener" which number in menu 4 so write 4 and press enter key, see below pic....

Spoiler:

Step3: Again a menu where some name given here select number 2 which are "Windows Reverse TCP Meterpreter and send back to attacker", write 2 and press Enter Key, see below pic...

Spoiler:

Step4: Now Select number 2 which means "shikata_ga_nai(very good)" and press Enter Key, see pic...

Spoiler:

Step5: When step 4 completed then it ask About Default Port of the listener so enter any number . I am going to enter 808 , see below pic...

Spoiler:

When it ask "Do you want start the listener now ?" then enter "Y" for say yes ,see below pic...

Spoiler:

Step6: Now a find create on the Folder set which name "msf.exe" . Now for found that file follow path..

Code:
File System>Pentest Folder>Exploits Folder>Set Folder

When you go there you see msf.exe file like below pic...

Spoiler:

Step7: Now change this file into any other name like facebook.exe,video.exe,gmail.exe anyone which you want but remember write .exe extension of file, see below pic where i am change into facebook.exe....

Spoiler:

Now use Binder and Crypter for this file and attach it with any other file. You can also use my old tutorial...

http://www.hackarde.com/2012/01/use-cryp...-make.html

http://www.hackarde.com/2012/01/bind-fil...-file.html

Because i want to only show you method so i am not bind it. Now upload this file on any free space provider website and send link to Victim, see below pic...

Spoiler:

In my case, my victim is my friend Hemant PC , when hemant found my send link and see a software for download then he start downloading when download finish (it takes just 5 second) then my facebook.exe file automatic execute and simultaneously my terminal window show me some lines in which he want to say sessions start.

Step8: When Step 7 completed then for check sessions status run below write command...

Code:
sessions -l

when you did it then you see it showing connection...

192.168.0.13:808>>>>>>>>192.168.0.14:49793

Which means my system IP 192.168.0.13 which default Port 808 now connected with my victim Hemant System which IP is 192.168.0.14 and port 49793 . Now you enter in your victim System, see below pic...

Spoiler:

Step9: Congrats!!!!!!!! friends you are successful with me. Now for forward process write command by which you enter in the meterpreter mode ....

Code:
sessions -i 1

And Press Enter Key see below pic...

Spoiler:

Now we want to find out system information so write.........."sysinfo" and press enter key, see above pic. where you can see...

Computer : HEMANT-PC
OS : Windows 7

and many things.

Step10: Now if you want to find Process list which run in the Victim System at that time then run command...

Code:
meterpreter>ps

And Press Enter Key, see below pic in which all running process show you...

Spoiler:

For Program List run command ................."ls"................ see below picture....

Spoiler:

If you want download any file from Victim system then run command...

Code:
>download c:\\windows\\system32\\sethc.exe

And press Enter key, where c:\\windows\\system32\\sethc.exe is file location and name.see below pic...

Spoiler:

For Enter in the Shell or Command Prompt of Victim IP run command...

Code:
meterpreter>shell

and press enter key, see below pic...

Spoiler:

Enjoy!!!!!

I had Spend 6 hour for make this tutorial for you,but you will spend 1 min for say thanks!

http://www.hackarde.com/2012/04/hack-vic...em-by.html

HrDe · 04-08-2012, 07:31 AM

I am totally wonder,90+ view but not any reply , hey wht the problem with this post.

Aph0tic · 04-10-2012, 01:20 AM

Great thread / Tutorial. Surprised about the amount of the reply's

HrDe · 04-10-2012, 06:53 AM

(04-10-2012, 01:20 AM)Aph0tic Wrote: Great thread / Tutorial. Surprised about the amount of the reply's

Thanks bro for like my work done, ya i m also wonder about reply.

milkbone2001 · 04-14-2012, 01:45 AM

nice dude, imma try this

milkbone2001 · 04-14-2012, 01:45 AM

nice dude, imma try this

HrDe · 04-16-2012, 02:50 PM

Thanks ,yap try and then tell me ur experiance.

DeonAB · 04-19-2012, 05:13 AM

wow man you should make an Ebook or ebooks about the backtrack knowledge you got, I never knew how to use backtrack thanks fir teaching me man

HrDe · 04-19-2012, 05:33 AM

(04-19-2012, 05:13 AM)DeonAB Wrote: wow man you should make an Ebook or ebooks about the backtrack knowledge you got, I never knew how to use backtrack thanks fir teaching me man

Thanks bro for like my work and also for ur advice.I like it in future work on that.

__Dj_-k1ll3r__ · 04-19-2012, 07:47 AM

thx bro nic tut thx to shear ......