Report: Gaining and maintaining access to OS(MS Windows 7)using Metasploit

We are going to learn about Windows 7 Operating Systems hacking using a Kali Linux tool

Metasploit

Metasploit consists of two words meta meaning beyond and exploit that is taking advantage of something.

Let's go ahead to see what can we do with the help of the tool.

1. Information gathering:

Let's first become aware of the network configurations of the target.

So by using the ping command we come to know the IP address of the target machine.

For that, we take the help of ARP spoofing using the Ettercap tool we shall discuss the ettercap tool afterward.

2. Scanning and Enumeration:

Now comes the network mapping phase the tools that would be helpful to us will be nmap

On scanning, we can see the open ports in the above picture i.e port 445 and we too can observe the services running on it.

3. Gaining access:

This phase is one of the prime phases of this report that catapult us to gaining the access privilege of the target machine so to continue our progress we would go to a new tool already mentioned above as Metasploit.

Upon searching a previously known exploit in the CVE or GHDB we use the search command followed by the path in the given msfconsole and as a result, it projects the presence of the given exploit

So to configure the particular exploit we use the above-mentioned command as a result of which the payload gets configured as windows/x64/meterpreter/reverse_tcp

After that, we use the command “show targets” to view their target ids and boom we find their respective id in our case it is 0

After being able to find target id as 0 we try to use the command set target as “set TARGET 0” and it gets set.

After that, we need to configure the remote host i.e the target ip and set the command “set rhost <host ip>”.

Then it is the end of the gaining access process.

By using “run/exploit”

Upon configuring if the meterpreter command-line argument is displayed then Congratulations you have completed the challenge

4. Maintaining access: In this part of hacking we manipulate and get the privilege of adding commands to it

Here we get the network configurations of the victims' system is exposed in our (attackers) machine.

We can also go for sysinfo to get system information

Here we used the command “ps” to get the list of processes ongoing and we use the getpid to know the ongoing PID here it is 1100 there we use “run migrate -p 1100” to get to a more stable process and at the end “clearev” to evacuate the event log in the machine (COVERING TRACKS STAGE IS DONE HERE)

5. Covering Tracks stage is done in the previous place only

SO here are the 5 stages explained and reviews and opinions about this Document are warmly welcomed.

0
Subscribe to my newsletter

Read articles from prabhudarshan samal directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

prabhudarshan samal
prabhudarshan samal

Am a cybersecurity analyst