Closed (How to häçk) Windows 10 - Kali Linux 2 Part 1

Nicolandia15 · May 7, 2016

Hey Guys! Gusto kong i post tong tutorial na to last week pa kaso gusto ko lang i test pa further. As of this post not detectable siya ng Malwarebytes and my poor antivirus Avira (yung free). Update ko to pag may time ako mag test sa ibang AVs and sa ibang OS. Just need to post this kasi mukhang ***** naman ako pag pinost ko to tapos may ρá†ch na pala yung mga AV -- so it's just a matter of time. Any Pentester reading this feel free to modify or improve the exploit.

Windows 10! Yes it's vulnerable! Sa ngayon. Alam mo yung feeling na magkaroon ka ng root access sa isang machine na wala man lang paki yung nakaupong antivirus or Windows 10 Security sa ginagawa mo. Sort of para sa mga advance user (not a pro here) but newbies can follow.

Exploit: Gagamit tayo ng Excel para mag inject ng Power Shell gamit ang macro. Konting Social Engineering para ma deliver ang payload. Own the machine!

Requirements:
Kali Linux 2
Separate Machine (Preferably Windows 10 na may ibang AV)

Step 1:
I'll be brief sa mga steps. Comment na lang siguro pag may confusion.
Install Veil-Evasion <-- Love this guy. Never fails to amaze me pagdating sa AV Evasion

Code:

apt-get install veil-evasion

Download Git Clone for MacroShop -- [You do not have permission to view the full content of this post. Log in or register now.]
Kailangan naman natin to pang deliver ng payload gamit ang Office Macro

Step 2:
Gumawa na tayo ng payload.
Fire up Kali Linux and type "veil-evasion"

Press "N" for No. Pag nag yes ka may dagdag jan na mga useful tools pero initial installation will work just fine.

Step 3:

- Type "use"
- May list na lalabas, gagamitin natin yung 23) powershell/meterpreter/rev_https
Depende to sa number ng list mo.
- Type "23" (If 22 sa'yo then type 22)

- Type natin yung IP Address mo gamit ang "set LHOST". Kung binabalak mo tong gawin outside LAN then yung Public IP mo gamitin mo.
- Then type "generate"

Step 4:
Pangalanan natin payload natin. Here I put "phcorner"

Step 5:
Next step is copy natin yung ginawa nating Payload File file just like this.

-Press any key daw
- Type Exit para lumabas sa Veil-Evasion

Step 6:
Naalala mo yung MacroShop na dinownload mo? Gagamitin na natin siya ngayon. Depende kung san mo siya sinave. Kailangan mo mag navigate dun gamit ang terminal.

Note: I assume basic understanding po kung pano mag navigate sa Linux. Kasi di ko siya isasama sa Tutorial na to.

- Let's run the Python script tsaka gumawa ng text file.

- Voila! Meron na tayong shell na pwede i embed sating Excel File.
Ganito maging itsura nya.

Step 7:
Mag navigate naman ngayon kung san naaka save yung text file. Actually andun siya sa MacroShop folder. Open up yung file gamit ang leafpad or any text file then copy mo ito. Eto ulit yung naka embed sa macro ng Excel File.

Next tutorial tuloy natin kung pano eto ilalagay sa Excel and kung pano mag setup ng listener gamit ang Metasploit para ma own ang machine ng target mo.

Part 2 is up!
[Click here ]

PUTANKINNAMALL · May 20, 2016

add to cart

Nicolandia15 · May 20, 2016

HEMP said:
add to cart

lol. You should check this out. It's awesome!

PUTANKINNAMALL · May 21, 2016

AWESOME!!!x100 like
pano ba mlalaman kung android/windows ba ang nasa LAN?
at gawa ka nga TUTs sa pag set up ng DODENG DAGA

Beaverino · May 21, 2016

Wow! Nice!

Nicolandia15 · May 21, 2016

HEMP said:
AWESOME!!!x100 like
pano ba mlalaman kung android/windows ba ang nasa LAN?
at gawa ka nga TUTs sa pag set up ng DODENG DAGA

Maraming paraan po, kung same network lang din naman kayo, try mo access yung default gateway ng router then check mo yung mga naka connect na device, kung gusto mo naman sa Kali, try mo mag nmap tapos scan mo lahat ng port, yung mga mobile device normally port 80 lang ang open and marami sa Windows.

PUTANKINNAMALL · May 26, 2016

huli ka balbon andito klang pla..pwede ba to sa 7-8.1?

Nicolandia15 · May 26, 2016

HEMP said:
huli ka balbon andito klang pla..pwede ba to sa 7-8.1?

Pwede po, just titled it Windows 10 para parang hindi outdated.

PUTANKINNAMALL · May 26, 2016

Apollo IV · May 26, 2016

Thanks for sharing at salamat sa bagong kaalaman

Nicolandia15 · May 26, 2016

Apollo IV said:
Thanks for sharing at salamat sa bagong kaalaman

Anytime sir.

PUTANKINNAMALL · May 26, 2016

"Fatsy" on the house haha...pwede kya pang e whoring yun?kikita ako ako malamang

unch:money is coming

Nicolandia15 · May 26, 2016

HEMP said:
"Fatsy" on the house haha...pwede kya pang e whoring yun?kikita ako ako malamang unch:money is coming

Haha. Pwede ring block is coming.

PUTANKINNAMALL · May 26, 2016

uy may nag react

...tabi2x po remember comedian

Nicolandia15 · May 26, 2016

HEMP said:
uy may nag react...tabi2x po remember comedian

Lol. I'm currently writing a tutorial tungkol sa Metasploit.

PUTANKINNAMALL · May 26, 2016

ahw nice...sagarin muna lhat master kasi pag may klase kna once in a blue moon ka nlang malamang..go go go mighty morphine amphetamine meth ***** lsd power ranger.....haile empress guru mentor nikol kedman hahaha

Nicolandia15 · May 26, 2016

HEMP said:
ahw nice...sagarin muna lhat master kasi pag may klase kna once in a blue moon ka nlang malamang..go go go mighty morphine amphetamine meth ©râck lsd power ranger.....haile empress guru mentor nikol kedman hahaha

No comment. Hindi na related yung mga post sa thread. Grr.

PUTANKINNAMALL · May 26, 2016

hahaha..madada lang ako if nka mind altering just ignore it bata...kakahiya lang ang nagtuturo sakin nito isang HS student a shame on me..and well ok lang....:hungover:...positive vibration gyal

Closed (How to häçk) Windows 10 - Kali Linux 2 Part 1

Eternal Poster

Forum Veteran

Eternal Poster

Forum Veteran

Eternal Poster

Eternal Poster

Forum Veteran

Eternal Poster

Forum Veteran

Honorary Poster

Eternal Poster

Forum Veteran

Eternal Poster

Forum Veteran

Eternal Poster

Forum Veteran

Eternal Poster

Forum Veteran

Similar threads

Popular Tags

About this Thread

Online statistics