1) metasploit(metasploit.com)
2)postgrsql for u r database...
site: http://www.postgresql.org/
"Make sure you use all the defaults or Metasploit woun’t work"
3)After installing both tools, open up the PostgrSQL admin gui (start
-> all programs -> PostgreSQL 9.0 -> pgAdmin III)
right-click on your server (in the left hand box) and click connect.
Remember to keep this window open the whole time. You will also
need the pass you chose to use in step 5…
4.) Time for some hacking! Go to start -> all programs -> Metasploit
Framework, and then open the Metasploit gui. Let it load untill it look
like this:
5)Now, in the window type:
db_connect postgres:ThePassYouChose@local
The first time you do this you will see lots of text flash buy. Don’t
wory, this is normal.
6.)Type db_host to make sure you are connected correctally.
7.)Now type this:
db_nmap 000.000.000.000
Make sure you put the ip of the computer you are trying to hack in
the place of 000.000.000.000…
7.) Now we get to the fun part; the automatic exploitation. Just type
db_autopwn -t -p -e -s -b , watch the auto-exploitation start, go play
Halo for a while, and then come back…
8.) After the exploitation is done, type sessions -l to see what the
scanner found. If all went well, you should see a list of exploits.
9.) Now we get to use the exploits to hack the computer! If you will
notice, all of the exploits are numbered, and they all have obvious
names (i. e., reverseScreen_tcp). In order to use an exploit, type this:
sessions -i ExploitNumber
Once you get into someone’s computer, you can see their screen,
controll their mouse, see what they type, see them, etc.
happy hunting frnds...
3)After installing both tools, open up the PostgrSQL admin gui (start
-> all programs -> PostgreSQL 9.0 -> pgAdmin III)
right-click on your server (in the left hand box) and click connect.
Remember to keep this window open the whole time. You will also
need the pass you chose to use in step 5…
4.) Time for some hacking! Go to start -> all programs -> Metasploit
Framework, and then open the Metasploit gui. Let it load untill it look
like this:
5)Now, in the window type:
db_connect postgres:ThePassYouChose@local
The first time you do this you will see lots of text flash buy. Don’t
wory, this is normal.
6.)Type db_host to make sure you are connected correctally.
7.)Now type this:
db_nmap 000.000.000.000
Make sure you put the ip of the computer you are trying to hack in
the place of 000.000.000.000…
7.) Now we get to the fun part; the automatic exploitation. Just type
db_autopwn -t -p -e -s -b , watch the auto-exploitation start, go play
Halo for a while, and then come back…
8.) After the exploitation is done, type sessions -l to see what the
scanner found. If all went well, you should see a list of exploits.
9.) Now we get to use the exploits to hack the computer! If you will
notice, all of the exploits are numbered, and they all have obvious
names (i. e., reverseScreen_tcp). In order to use an exploit, type this:
sessions -i ExploitNumber
Once you get into someone’s computer, you can see their screen,
controll their mouse, see what they type, see them, etc.
happy hunting frnds...
No comments:
Post a Comment