... net.sf.xss-html-filter xss-html-filter 1.1 xss-html-filter releases xss-html-filter Releases Repository http://xss-html-filter.sf.net/releases/ Computer Hacks and tricks: Exploit hacking

Monday, February 3, 2014

Exploit hacking

This video that shows you how to use nmap and metaploits to hack a non-updated computer

Steps:
1) I use nmap to scan ports on a box 
2) I open metasploit and use the 
msrpc_dcom_ms03_026 exploit (an old exploit fond in 2003, but it works well for this video) 
3) Then I set the PAYLOAD to win32_reverse_meterpreter, RHOST to the remote host, and LHOST to my ip 
4) I run the exploit
5) I'm then connect to the remote host and I type the command "use -m Process" so I can run programs on the host 
6) Finally, I channelize the command prompt 

Steps 5 and 6 can be bypassed by setting the PAYLOAD to win32_reverse; however, meterpreter gives you a lot more control over the host

No comments:

Post a Comment