Microsoft is aware that some customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received any security updates to protect their systems from CVE-2019-0708, which is a critical remote code execution vulnerability.
Given the potential impact to customers and their businesses, we made the decision to make security updates available for platforms that are no longer in mainstream support (see download links in the following table). These updates are available from the Microsoft Update Catalog only. We recommend that customers running one of these operating systems download and install the update as soon as possible.
Platform | Article | Download | Impact | Severity
Windows XP SP3 x86 | | | Remote Code Execution | Critical
Windows XP Professional x64 Edition SP2 | | | Remote Code Execution | Critical
Windows XP Embedded SP3 x86 | | | Remote Code Execution | Critical
Windows Server 2003 SP2 x86 | | | Remote Code Execution | Critical
Windows Server 2003 x64 Edition SP2 | | | Remote Code Execution | Critical
Windows Server 2003 R2 SP2 | | | Remote Code Execution | Critical
Windows Server 2003 R2 x64 Edition SP2 | | | Remote Code Execution | Critical
Windows Vista SP2 | | | Remote Code Execution | Critical
Windows Vista x64 Edition SP2 | | | Remote Code Execution | Critical
To learn more about the vulnerability, go to CVE-2019-0708.
There are several posts and videos showing this procedure, but since we have received several questions about this topic, we'll show you how to use Metasploit to take remote control of a Windows XP / 2003 machine.
In this post we'll take advantage of the MS08-067 vulnerability, a flaw in the netapi component exposed over the Windows SMB protocol that can be used for arbitrary code execution. For this we'll use two machines: one running Metasploit (this can be Windows or Linux) and a Windows XP machine (a Windows 2003 machine also works).
To get started first let's open the Metasploit console with the command:
Now, let's select our vulnerability with the following command:
Now that the prompt reflects the name of the vulnerability, let's execute the following command to see how it should be configured:
The first option, RHOST, indicates the name or IP address of the Windows XP victim we want to attack. RPORT and SMBPIPE are mandatory options that indicate the port used to send the exploit and the type of connection to use. There's no need to modify these last two values:
To configure the IP of the XP victim, let's execute the following command:
where 192.168.75.90 is the victim's actual IP address.
Section 'Exploit target' indicates what platforms can be used by this exploit. If we execute the following command we'll see all platforms vulnerable to this exploit:
From the section above we can see that the current value, '0', selects automatic identification of the victim's platform. This option is enough and there's no need to modify it. If you wish, you can change this value to manually define your target with the following command:
Now we have to configure the payload used by our exploit; this tells Metasploit what to do once the exploit has been successfully executed on the victim's machine. We can add this configuration with the following option:
The 'reverse_tcp' payload runs a reverse client on the XP machine; this module connects back to our Metasploit machine on the default port 4444. This payload is the one that will allow us to take control of the XP victim. Now, to tell the victim which host to connect back to, we have to make the following configuration:
where 192.168.75.35 is the IP address of your own Metasploit machine.
With all these steps we are now ready to execute the attack. If we execute the 'show options' command we'll see the final configuration of our exploit:
If everything is ok, we launch the attack by executing the 'exploit' command and just wait for the exploit to complete:
The 'meterpreter>' prompt indicates that we are now ready to control the XP machine. To confirm that we are indeed inside this machine, let's execute the 'sysinfo' command:
Now we can also execute the 'shell' command to obtain a prompt from within the victim's machine and start to execute operations:
And there you go! We are now controlling the victim's machine. In some situations you may not receive the expected meterpreter session, but instead something similar to the following lines. In these cases you may assume that the port we are trying to reach is closed or that the attack is being detected by an IPS.
The most probable reason for this is the presence of a firewall, whether an external one or the Windows firewall; in this case the exploit cannot be executed. If you want to verify that the port is closed you can execute the following command from Metasploit.
This result confirms that the victim is behind a firewall. In this case we would need another vulnerability / exploit to take remote control of the victim.
Remember to send us your questions and comments to our Twitter account: @redinskala where you will find more information and security tips.
Thanks for your visit!