Hacking techniques and Counter Measures Please find the usag

Hacking techniques and Counter Measures.

Please find the usage and the required counter measures to avoid effects of the below commands. (PLEASE USE SCREEN SHOTS IF POSSIBLE)

b. Metasploit

Solution

Metasploit is an exploit development framework that facilitates penetration testing of IT systems. This tool initially started off as a game and was taken over by Rapid 7 for maintenance and further development. Metasploit is a ruby driven environment. It allows us to develop exploits in ruby language and integrate them with existing
repositories. Ruby language also allows us to use the existing exploits within its file system to carry out an attack.

Threat: An undesirable event that has not yet taken place but can cause serious damage.

Exploit: The use of scripts and frameworks to attack a target system.

Payload: At its most basic definition, “payload” refers the action taken after the initial exploitation. It’s a piece of code usually bundled up with the exploit.

Countermeasure:

Patching existing vulnerabilities to prevent future attacks.

Vulnerability Information:

vulnerability used to exploit the target Windows XP machine that had the most up-to-date service pack installed on it. The code for this vulnerability is ms08_067_netapi. This name indicates that the vulnerability was discovered in the year 2008, and that it is a Microsoft product (in this case a Windows product) in the netapi module. According to Microsoft, this vulnerability in the Windows XP, 2003 based systems, allows the attacker to run malicious codes over the RPC without any authentication. The attack is done on the TCP port 445, which is used for SMB over TCP connections. The above attack is performed assuming that the victim doesn’t have any firewall and any antivirus in his system.