:::: MENU ::::

That’s what i learned

Ohkay so there is this software called the metasploit, for hackers its what a wand is for a wizard. The metasploit is a framework, a library of all the exploits and payloads. What happens is basically, that an application may be vulnerable to a certain code..that is for a particular input the application might crash, if that input is converted into a file such that it can attack the application then it is called an exploit. Also there is something that is called as the “PAYLOAD” it is generally the malicious code that is added to the exploit code so that after the exploit has executed the control passes to the payload and a malicious code gets executed, it can act like a trojan and fully compromise your pc or can execute arbitrary shell commands, perhaps it can do pretty much anything you can think of….

Now I recently hacked one of my neighbor’s wifi and then scanned the network i found out that he was using a couple of devices… an Iphone(i came to know that it was an iphone during a conversation with my neighbor… as such the OS fingerprints were not detected on nmap.) …some nokia phone and a desktop….the desktop was a windows machine(with the ip 192.168.1.11) …windows xp sp2. But the problem was he had his firewall on … So one day he came online on facebook..so I asked him to switch off his firewall as that can create problems on a computer…and people tend to fall for things like this…so did he. :P

So the very next day I was online on facebook and i saw that he too was online at around 6:30 pm… so i quickly ran the metasploit loaded the exploit and attacked his machine… i did not expect that this would be successful but it was. :D  i had the meterpreter session running in less than a minute….i was in his machine with the power to do anything. :D
And just for fun i promptly sent a message box to his pc saying “You have been hacked”… aaaahhhh :( that was the mistake… this is the reason i am writing this post.. Whenever…mind my words WHENEVER…you hack something…stay silent dude :D ….

When he received this message box he came to know it was me… had a clue atleast(as he told the same later)… i quickly took screenshots of his desktop as is my habit.. then in around less than 5 second my phone was ringing and it was him calling :D Now that made me laugh! i was caught by the obvious proof!. so i had to tell him to switch on his firewall to stay protected.. But had i not sent that message box… and rather installed a telnet server on his computer and maintained a life long access to his pc… that would have been so much better… but aah! you learn from your mistakes… i learned to stay silent.

Now i cannot go into his pc anymore… there were millions of things i could have done…played around in so many ways if i had not made that mistake…. but never mind…mistake done…lesson learned.. :)


by Adwiteeya Agrawal

4 Comments

So, what do you think ?