Posts

Showing posts from December, 2022

Firewall and Anti-virus concepts - Metasploit Part 4

Firewall and Antivirus Concepts

Hey folks, back again with the series. Here we are going to learn how to disable the firewall and antivirus on the target Windows XP machine. I strongly recommend going through the previous blog posts in order to understand what we are about to discuss.

So, considering that we have already exploited the target machine, now it's time to disable the firewall on the target Windows XP machine. But before that, let's perform an nmap firewall detection scan on it.

Command : sudo nmap -sA [target ip] --reason -T4

Fig : 1.1

In Fig : 1.1 we can see that we get responses only from ports 139 and 445, because file and printer sharing is enabled on the target system. An ACK scan (-sA) does not tell us whether a port is open; it reports a port as unfiltered when the host answers the ACK probe with a RST and as filtered when the firewall silently drops it, and --reason prints which of the two happened. So everything except the two file-sharing ports is being dropped by the Windows firewall. But what if we want to scan and exploit ports behind the firewall? We have no option but to turn off the firewall, right? So let's do it from a command shell inside the Meterpreter session. Two things to keep in mind: the session needs administrator rights for this to succeed, and netsh firewall is the Windows XP syntax (later Windows versions use netsh advfirewall instead). Disabling the whole firewall is also loud; a quieter option is to reach a firewalled port through the session itself with Meterpreter's portfwd command, or to add a single exception instead of turning everything off.

Command : netsh firewall set opmode mode=DISABLE

Fig ...

Meterpreter - Metasploit Part 3

Meterpreter

So we've already got the reverse shell back in the previous blog, and now what are we here for? Do you think a reverse shell is all we want from the target machine? Think how dope it would be if we had features to download a remote file from the target machine, dump hashes and passwords, take screenshots and many more. We humans want something better, and then after that something even better. No matter what we breed, we are still made of greed. So I guess we could say that, in a way, Meterpreter is here to fuel our thirst.

What the heck is Meterpreter?

Meterpreter is a Metasploit attack payload that provides an interactive shell from which an attacker can explore the target machine and execute code. So it's an advanced shell where we get access to tons of different modules instead of just cmd output and input. Unlike a plain reverse shell, it is injected into memory on the target rather than dropped to disk as a binary, and its commands (download, hashdump, screenshot and so on) are extensions loaded over the session as they are needed.

Exploitation

Command :  set payload...

The Incognito

THE INCOGNITO

No, nope, we aren't talking about this thing here. We are talking about a Metasploit module which looks something like this. Specifically, it's about what impersonation and delegation tokens are.

What haters think: the Incognito token extension is a very powerful extension which helps us to steal Windows tokens and impersonate them. But have you ever thought about what these tokens actually are and why Windows uses them? Well then, I am glad that we are on the same page! Here I am making things clear for you. So let's get started already!

When a user logs into a system, a lot of processes are created on his behalf, for instance explorer.exe, which runs the desktop (especially on Windows XP machines). So what Windows does is attach a primary token to each of the user's processes. Some of the things the primary token holds:

SID
Groups
...
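To see the pieces the post is listing on your own machine, here is an added example (not code from the original post, and not part of the Incognito extension) that reads the token of the current PowerShell process through .NET's WindowsIdentity class, a wrapper over the Win32 token APIs. It assumes a modern Windows host with PowerShell, so it is for studying the concept on your own box rather than for running on the XP target, which has no PowerShell.

```powershell
# Added example, not from the original post: dump the fields of the current
# process's primary token using .NET's WindowsIdentity (a wrapper over the
# Win32 OpenProcessToken/GetTokenInformation calls).
# Assumption: run on a modern Windows host, not on the XP target.

$id = [System.Security.Principal.WindowsIdentity]::GetCurrent()

# Who the token represents: account name plus the user SID
"User       : {0}" -f $id.Name
"User SID   : {0}" -f $id.User.Value

# A primary token reports ImpersonationLevel 'None'. A token taken from
# another user's thread reports Identification, Impersonation or
# Delegation, the levels the Incognito extension distinguishes.
$kind = if ($id.ImpersonationLevel -eq 'None') { 'primary' } else { "impersonation ($($id.ImpersonationLevel))" }
"Token type : {0}" -f $kind
"Logon via  : {0}" -f $id.AuthenticationType

# Group SIDs carried by the token. Access checks compare these against the
# ACEs on an object, which is why stealing a token with a better group set
# is the same as becoming that user.
"Groups     :"
foreach ($sid in $id.Groups) {
    try   { $name = $sid.Translate([System.Security.Principal.NTAccount]).Value }
    catch { $name = '<unresolvable>' }
    "  {0,-46} {1}" -f $sid.Value, $name
}

# UAC caveat: in a non-elevated session the Administrators group is present
# in the token but marked deny-only, so this reports False until you elevate.
$principal = New-Object System.Security.Principal.WindowsPrincipal($id)
"Admin      : {0}" -f $principal.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)
```

Run it once from a normal prompt and once from an elevated one and compare the Groups and Admin lines; whoami /all reads the same token and shows the privileges as well. On the target, Incognito's list_tokens -u enumerates the tokens left behind by other users' processes, which is what impersonate_token then borrows.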