I WANNA KNOW HOW TO GET FU LLY ACCESS TO A PC USING REMOTE DESKTOP WHEN WE KNOW THE IP ADDRESS OF THAT PC.I WANNA GET THE WHOLE PC TO MY HAND.PLZ REPLY FAST.THANKS

FROM AADIL,

OK, here we go. An interesting question. I'd like to say that we have decided to add OUR OWN, full video on this subject to our video gallery.

This article is written specially to be posted over CodeGreed. Tagging this post or adding reference links is 100% LEGAL, but adding mirrors, duplicates or copping contents from this article without our permission is 100% ILLEGAL.

There are ways to go through "Windows remote desktop" system. If you hack through "windows remote desktop" system is is so easy to track down and the victim will notice that he is been hacked. I think you have just mentioned 'Remote Desktop' just to describe your requirement. I have described the way to own the Box. Hope that's what you want,, The full control.

This is not copies for some other web page, or this is not a mirror. So there might be mistakes. If you notice such thing, please reply and correct me. We'll directly go to the subject..

PLEASE note that this is ONLY a one way among MILLIONS of ways. If you think your way or you idea is better and effective than this, please be kind enough to mention it.

STEP 01 - Checking the ACCESS

1st of all you should have access to the IP address. Through the internet, through a local network or somehow.

Easiest way of checking weather you can access the IP is using a network scanner or a IP scanner. I recommend usual NMap. Ah! yes, you can always 'ping'. That's one of the simplest way, but it won't work with a good security system.

To do a standard TCP scan on the reserved ports of host <target>:
> nmap targetIP


In this thread I'm describing the way of using Nmap CLI (Command Line Interface) if you use a GUI (Graphical User Interface) version you won't need these quoted things because most of the required details are shown in GUI NMap builds.

NMap GUI:

Simple TCP scan won't response correctly if your target uses a strong security system. If so refer nmap documentation for more details about various scanning methods you can use.

If you have the access, then lets go for the next step. If you don't have the access think of some trick. It's up to you. I can't help it over here. You know;)


STEP 02 - Checking SERVICES & OS (Service & OS fingerprinting)


Anyway when you gain access you can use Nmap to get a full list of services and also the OS running on the victim's computer.

nmap -AO targetIP

You'll get an output as shown below

Now you have complete list of running services, you have related versions and you have OS details.

For more details about Nmap command line you can refer the MAN page at this link

Instead of using a network scanner like Nmap for scanning services you can directly use a vulnerability scanner like Nessus. So you can directly identify vulnerability services existing in the related system.

Lot of twinks and plugging for Nessus can be found all around the internet. It's so hard to describe all those over this tutorial. I'll surely demonstrate all those in the upcoming video tutorial.

Nessus GUI

Next is using those identified services to OWN the related computer. We are going to use a exploit database called Metasploit for the purpose.

Step 03 - Exploiting and owning the box

Metasploit comes with a command line which is the best choice for advanced users and it contains a web based GUI system for beginners.

Metasploit CLI:

Metasploit GUI:

Use the GUI if you are new to Metasploit Web based GUI by opening "MSFWeb"



You'll get a window like this in windows environment



Now open up your favorite web browser (Mine it's Firefox ) and navigate to 127.0.0.1:55555

Now you'll get the web GUI


Select Exploits

Now refer the list of services we gained earlier. Check weather you any service mentioned is listed under exploits

As an example we had MSRPC running (In the above screenshot). Search the list. You'll get MSRPC exploit there. I'll add a screenshot asap.

Now what you have to do is selecting a Payload. Read the description and select a one that suits your requirement

As an example you can use "reverse shell" or "bind shell" payload for getting command prompt of victims PC. You can even start a remote VNC session using this tool.

If you have a sound knowledge of using DOS or SHELL, this is your chance. Use 'reverse shell' or 'bind shell'. Get a shell for yourself. After that you'll be able to install required scripts, programs or applications to OWN the entire system

Now set the remote IP address (Vitim's IP). Some payloads require additional options to be set. Pay more attention on those things too.

Now wait until Metasploit launches the exploit and it'll take some time to complete, because Metasploit even use buffer overflows while handling some payloads.

Checkout "Sessions" tab to check existing sessions and successful finished exploits, (specially of you have multiple exploits running)

-------------------------------------------------------------------------

More Refrence::
Check out our Hacking E-Books under DOWNLOADS section for books on NMap, Nessus and Metasploit

Downlaods::
Checkout our Hacking Software category under DOWNLOADS section for direct downloads of above mentioned tools


-------------------------------------------------------------------------



I know that this is not a complete tutorial about owning a remote box and it is not at all a Step-by-Step guide. But i think i have covered some of the basic. You see how long this replay is. I think you have realized that it is hard to give such a descriptive step-by-step guide on a subject like this.

Best thing is self studies. Before using these, try it with your own environment and practice. You'll get all abilities quicker than you think.

Please add any comments and if you think i have missed something important please add it to this thread.


-------------------------------------------------------------------------


Ahhh... Forgot to say i have used some images from other web sites, those web sites are,

pds7.egloos.com/
www.securityfocus.com/
i.zdnet.com/
www.jagvillhaenblogg.se/
www.ethicalhacker.net/
www.vulnerabilityassessment.co.uk/

A lot isn't it. I'm writing this in a hurry so it was hard to use my own screenshots. Thanks goes to all those sites.

This article is all about, hack remote pc using ip address, hacking into remote desktops, hack remote pc knowing ip address, hack computer remote ip, hack remote desktop, hack others desktop, desktop hacking

aadil88 wrote:
FROM AADIL,

Thanks Aadil. It's you how gave me the idea of, peaking into the Hacking field. Thank to you, I have gained lot of knowledge. Lot of theories and lot of practice.

This is a note for all the people who are reading this article

HACK TO LEARN

HACK TO HELP OTHERS WHO ARE IN TROUBLE

HACK TO TEST YOU-OWN SECURITY

Don't HACK to harm or hurt other people

Don't HACK to peak into others' privacy

Don't forget that they can do the same on you. Be prepared if you are going to play with these.

Thanks for sharing..

Good one

Hi!

This is for the "ping" lovers.

Most of us use pings to check the availability of accessibility of IP addresses. Me too .

It's really OK to use "ping" in simple network operations, but do you know that "ping" attempts can be blocked. Thinks twice while dealing with a secured systems. Otherwise you'll mislead yourself.

Check this article for technical details about blocking "pings" and scanning attempts

Itz all about blocking incoming echo requests... ha ha