Hey Guys. I will be giving a quick dirty how-to of exploiting a windows velunurbility to login to remove system with out username and password using Metasploit
Requirements:
1. MetaSploit Installed (Preferably BackTrac)
2. Ruby Installed (Install all the package of Ruby to avoid any issues)
3. Two OS running either on same as virtual or physically different
4. Target host must not be running any AV
Here are the quick Steps.
SCENARIO:
Machine 1: Host Linux Machine
Machine 2: Target Windows 7 Machine
Step 1:
Download and Install Metasploit Framework Source Code on the Machine 1. I prefer downloading from SVN. run the given below command on CLI
svn co https://www.metasploit.com/svn/framework3/trunk/
OR
Download directly from here:http://downloads.metasploit.com/data/releases/framework-latest.tar.bz2
Step 2:
Locate the file msfconsole. In my case it was under /opt/framework-x.x.x/app
Run it as ruby msfconsole
Step 3:
Now once you get the msf> prompt type the below command
search…
View original post 367 more words