Hack Windows XP with MS08-067 exploit
Using Metasploit it is possible to hack Windows XP machines using only the IP address of the victim machine. It does not involve installing any backdoor or trojan server on the victim machine. Metasploit does this by exploiting a vulnerability in the Windows SMB service known as MS08-067. This exploit works on Windows XP up to version XP SP3.
The vulnerability/exploit module inside Metasploit is
Name: Microsoft Server Service Relative Path Stack Corruption
Module: exploit/windows/smb/ms08_067_netapi
Further details and references to the vulnerability can be found at the following pages:
http://cvedetails.com/cve/2008-4250/
http://www.osvdb.org/49243
http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx
http://www.rapid7.com/vulndb/lookup/dcerpc-ms-netapi-netpathcanonicalize-dos
Note: This exploit is old by now and will work only if the Windows XP installation on the target machine is unpatched and not running any firewall. If you were to scan a range of IP addresses to discover online Windows XP machines, most of them would likely be patched (through automatic updates).
So if you want to test and practise this exploit, set up a vulnerable, unpatched XP system.
Scan for open ports
Before exploiting the XP machine with Metasploit, it is a good idea to scan for open ports using nmap to confirm that the ports are accessible and accepting connections. Here is a quick example
root@kali:~# nmap -n -sV 192.168.1.4
Starting Nmap 6.25...
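The same scan output is what an administrator reads to find hosts that still expose SMB and need the MS08-067 patch or a firewall rule. The following is an added example, not part of the original post: it parses `nmap -n -sV` normal output and lists hosts with ports 139/445 open. The sample output, the extra host addresses and the function name are constructed for illustration.

```python
import re

SMB_PORTS = {139, 445}  # NetBIOS session service and direct SMB

# Constructed sample of `nmap -n -sV` normal output (not from the original post).
SAMPLE_SCAN = """\
Nmap scan report for 192.168.1.4
Host is up (0.00042s latency).
PORT     STATE SERVICE      VERSION
135/tcp  open  msrpc        Microsoft Windows RPC
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds Microsoft Windows XP microsoft-ds

Nmap scan report for 192.168.1.7
Host is up (0.00051s latency).
PORT     STATE    SERVICE      VERSION
22/tcp   open     ssh          OpenSSH 5.9p1
445/tcp  filtered microsoft-ds

Nmap scan report for 192.168.1.9
Host is up (0.00060s latency).
PORT     STATE SERVICE      VERSION
445/tcp  open  netbios-ssn  Samba smbd 3.X
"""

HOST_RE = re.compile(r"^Nmap scan report for (\S+)")
PORT_RE = re.compile(r"^(\d+)/tcp\s+(\S+)\s+(\S+)\s*(.*)$")

def smb_exposure(scan_text):
    """Return {host: {"ports": [...], "xp": bool}} for hosts with SMB ports open."""
    findings, host = {}, None
    for line in scan_text.splitlines():
        m = HOST_RE.match(line)
        if m:                       # start of a new host section
            host = m.group(1)
            continue
        m = PORT_RE.match(line)
        if not (m and host):
            continue
        port, state, version = int(m.group(1)), m.group(2), m.group(4)
        if port in SMB_PORTS and state == "open":   # filtered/closed = not reachable
            entry = findings.setdefault(host, {"ports": [], "xp": False})
            entry["ports"].append(port)
            entry["xp"] = entry["xp"] or "windows xp" in version.lower()
    return findings

if __name__ == "__main__":
    for host, info in smb_exposure(SAMPLE_SCAN).items():
        note = "XP banner: verify MS08-067 patch" if info["xp"] else "SMB reachable"
        print(f"{host}: open {info['ports']} -> {note}; restrict with a firewall")
```

A host whose SMB ports show as `filtered` is left out of the result, matching the note above that a firewall blocks this attack path.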