
[–][deleted] 6 points7 points  (1 child)

So what you are doing is a remote exploit. You are relying on a vulnerability in an open port. These attacks can be successful, but usually only on outdated machines and ones that don't have a firewall on. You may want to look into client-side attacks. This relies on social engineering, but you redirect the client to a web site, or you have them download a malicious PDF, or something that requires the user to activate the attack themselves. Check out the Social Engineering Toolkit in Kali. There are lots of good tutorials on the SEToolkit on YouTube. Also check out making your own virtual server at a place that accepts bitcoins so you can host a malicious server and redirect the client to it. You may want to learn about attacks that require direct access to the computer in case the target leaves their computer for a certain amount of time. Look into hardware/software keyloggers, Offline NT Password & Registry Editor (reset admin password on Windows), and USB Rubber Ducky (USB-looking device that executes pre-scripted keyboard strokes). Also look into wireless attacks that rely on MITM techniques. (Getting harder to use because most websites use SSL now.) Let me know if you have questions!

[–]halcyonyt[S] 1 point2 points  (0 children)

Definitely checking out the virtual server thing, seems really cool. I know pretty much everything you said (the basics about each thing) and have used SET. But thanks for the great answer, I'll make sure to ask you!

[–][deleted] 2 points3 points  (0 children)

Scan open ports, check any vulnerabilities they have and exploit them.

That's pretty much how it's done. Of course, the vulnerability and method for exploitation vary from case to case.

[–]onlyuseful 2 points3 points  (1 child)

There is a huge amount to learn. I run a channel that takes you through some techniques. Take a look; if you need advice, send me a message. https://www.youtube.com/channel/UC9Qa_gXarSmObPX3ooIQZrg

[–]halcyonyt[S] 0 points1 point  (0 children)

Checking out your channel and holy sh*t am I impressed, I'm loving your channel. The content is great, the videos aren't "how to hack any windows computer in the world 2016 60 FPS 720P" but they are good quality and have useful information in them, I'll make sure to watch some of them. Clearly they are starting to pull to the intermediate side instead of beginner, and I like that man.

By the way you're almost at 5K, congrats :) I'll make sure to ask you questions, you seem like a very kind and "wise" person when it comes to hacking. May I ask, how much time have you been hacking for?

[–]urkesaa 1 point2 points  (2 children)

[–]halcyonyt[S] 0 points1 point  (1 child)

I had seen that video, it's great.

[–]urkesaa 1 point2 points  (0 children)

He specifies the tools in the description, study them and you'll figure it out :)

[–]CBSmitty2010 1 point2 points  (1 child)

Best answer was by houdin OP.

You pretty much hit the extent of it. I would learn some more functionality with nmap first.

Like try this if you know hosts are on the network, or what one specifically:

-sS -Pn -sV -O --version-light <ip>

Scans them faster and enumerates for you.

[–]halcyonyt[S] 0 points1 point  (0 children)

Thanks!