Metasploit Framework on XP-SP3

Viewing 7 reply threads
  • Author
    • #6173

      Good morning,

      I had posted an earlier question about installation of MSF on a mac. That never did work, and I had to give up, as my midterm is due tomorrow. But as of this morning, I have now gotten a  successful installation on a Windows XP-SP3 Virtual Machine. I want to to the Pic The Vic attack on my computer, but am only finding complete tutorials that involve malicious attacks. Since I am doing this to my own computer, I really don’t want to do anything that will screw it up! I am not married to any one attack, but as this is my first time doing anything like this, does anyone have any suggestions as to what I should try that will not do damage to either computer? I am also hesitant to visit too many sites, as I really don’t want to give my boyfriends or my own computer any viruses/malware.

      Any suggestions would be greatly appreciated!

    • #38597

      I find it weird that you get such an assignment from your teacher without him teaching you anything about how to set up a lab or how exactly the attack works that you need to preform.

      Just so you know Metasploit is not a god in penetration testing. What machine did you get to penetrate from your teacher or did he tell you to penetrate a private persons machine (which I doubt very much)?

    • #38598

      Our assignment was to pick a tool that we had not yet gone over in class and demonstrate intrusion detection tools configuration and hacking exploits, and no two students were to pick the same tool. The project was designed to provide us an opportunity to research  and study security related technology.
      I chose Metasploit framework because i had never worked with it, and it was available on both Mac and PC.  I told him I wanted to attempt cross-platform hacking. I got permission from my boyfriend to hack into his PC from my Mac, and to use his computer to hack into mine, and then I was permitted to use this tool. This is my midterm for my final semester as a Computer Forensics student, and this is 30% of my final grade, so I very much need to get it to work. I had emailed my professor about the PC issues on Saturday, and the Mac issues on Sunday, and I have not gotten a response from either email.
      My biggest issue is I am researching a lot of stuff about MSF, but so many of the tutorials and examples are using sql injections, viruses, and trojans. My goal is to be a whitehat hacker, so I really don’t want to mess with this. And if we do anything illegal, I will also be in hot water at school.
      My biggest concern when researching all of this is not to infect either computer.
      So the gist of the assignment is researching different tools, but a equipment is we MUST get the tool to work.
      I am not sure what sites I can go on for a simple tutorial that will get the icamera to work, or pop up a message or something. I was researching Pic the Vic, because it seemed harmless enough, but I have only found articles talking about it’s existance, nothing that tells you HOW to do it! Even on MS’s site, they have the camera bit, and I have gotten the commands to work (i think. there were no errors), but I can’t get the actual image to appear. I even tried pinging, so I know it can reach the computer, and I turned off the firewalls on both computers just to be sure that wasn’t going to be an issue.

    • #38599

      If you insist on using Metasploit on in a XP environment I suggest you use VM ware to run backtrack and create an other box in VM ware to attack (in that way you leave your bf’s computer alone). It is a pain to install Metasploit yourself from what I have heard an even worse to configurate it the right way.

      For tutorials I suggest you look at Viveks primer on Metasploit at it discusses most of the basic options in Metasploit.

    • #38600

      Thank you very much! I really appreciate the help and advice!

    • #38601

      I’m curious which module you say requires the use of a virus ’cause I’ve never seen that in Metasploit…

      Anyway….why not simplify your life and download BT4 and Metasploitable. There are a number of vulnerabilities/exploits out there. There are even a number of tutorials from a number of reputable websites…

    • #38602

      None of the Metasploit or even Offensive Security tutorials have the viruses/sql injections – its the independent video tutorials and such that have those. A number of the you-tube videos had information about how to attack someone’s computer so you can leave malicious code behind etc. I really don’t want to ruin my chance to be a whitehat hacker! 🙂

      I downloaded BT4, installed MSF, created my executable for iSight, and inserted my IP as the RHOST, but whenever I finally got to “execute”, it would do
      “Starting the payload handler…
      Started bind handler”
      and then it gets hung up. I don’t know what I am doing wrong with this, or if it is just a bug in the code. I can ping my computer, and i can ping google,so it isn’t a network error.

      Here is the tutorial I am currently using. Anybody else attempted this?

    • #38603

      If I remember right Metasploit has some issues with webcams in general. Why not use one of the built in exploits enough test machines out there?

      Beside that did you see that you got the networking configured right in the VM ware (if you are using VM ware now)?

      Could also be that the exploit does not work because you are running XP now right?

Viewing 7 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2022 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.


Sign in with Caendra

Forgot password?Sign up

Forgot your details?