Exploit Hacking (Infinity Exists)

Posted By: SecurityTube_Bot
Posted On: Mon 21 Feb 2011
Views: 8862

Description: In this video, nox and patchy from Infinity Exists demonstrate why it is necessary for your computer to have the latest patches. They use Metasploit (a penetration testing tool that has a database of attacks and payloads) to gain root access to a local machine. The attack begins with a port scan using nmap. The scan shows port 135 with MSRPC running on it. The attacker then opens Metasploit and selects a buffer overflow vulnerability present in Windows systems that can be exploited remotely through the DCOM RPC interface. He then selects the win32_reverse_meterpreter payload and specifies the IP address of the victim under the LHOST option. He launches the attack by typing exploit. After the attack, the attacker uses the execute command to access the victim's computer through a command prompt. The attacker then loads three libraries, SAM, PROCESS and FS, which allow him to get password hashes, upload and download files, and execute various processes on the target computer. He then tries to access a file named "TOP SECRET.txt" but finds that he can't access it because it was available only to the administrator. The attacker then uploads netcat (which is a backdoor) and psexec (which is used for executing netcat under the administrator's account). He also uses whoami.exe to display the current user. He then dumps the hashes using the SAM library and uses John the Ripper to carry out a dictionary attack against the hash. He then creates a new user and gives that user administrator privileges. He then sets netcat listening on a port. Finally, he uses the Telnet application to connect to that computer on the port he set listening, and he is now able to access the file "TOP SECRET.txt" because he has administrator privileges on that computer.

A high resolution version of this video can be downloaded here.



Tags: tools

