however, are tough nuts to crack. These modern systems don’t have unresolved
vulnerabilities. That means you can’t run an exploit directly when hacking a modern OS. In this section, your goal is to bring down a Windows 7 computer using the Metasploit framework. If you are successful, the target machine will display a blue screen with some gibberish on it. This process is extremely easy when done over a local area network. Important Note: You must have Windows 7 on a virtual machine. Remember: don’t practice your hacking skills on an actual computer. The results can be disastrous. Let’s divide the process into several steps:
Data Gathering
You have to determine the IP address of your target. During an actual penetration test, this process can be difficult. You have to find a computer’s IP address without getting detected. In this lesson, however, identifying the IP address is quick and easy. You just have to access your virtual machine, launch a shell, and enter “ipconfig”. Look for the line that says IPv4.
Launching MetasploitGo back to your Kali Linux OS and open a terminal. Then, start the Metasploit framework by issuing the following commands:
service postgresql startThe “msf” (Metasploit Framework) console will appear on your current terminal.
service metasploit start
msfconsole
Executing the Attack
Choose the exploit for this attack. The command that you must issue is:
use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
Type “show options” to view the options offered by this exploit. You’ll find that it has two
requirements: RPORT and RHOST. Set “3389” as the RPORT, since it is the port for
remote desktops. Set the IP address of your target as the RHOST. Then, type “exploit”.
Your target machine will display a blue screen and restart. Computer users refer to that
blue screen as “blue screen of death”. Metasploit allows you to perform this trick many
times. In the real world, this attack can be frustrating. Imagine what a person would do if
his computer keeps on rebooting.
0 Comments