Hello null byte,
I have been able to perform exploits on computers on my local network without much trouble. But recently a friend allowed me to practice hacking on one of his old windows xp machines. Because it was windows xp I loaded up the RPC DCOM exploit which I heard about from occupytheweb's tutorial here. But when I started to enter the RHOST in I realized I had no idea which IP address I should use on my friend's computer. I can't use his public ip because that will just point to his router, and I can't use his private ip. So what do I do? Do I have to compromise his router and set up port forewarding so the exploit will work properly? Or should I just try to gain acess to his wireless network so I can join it and attack him over LAN?
-smil3
2 Responses
After briefly looking over the exploit, it looks like you must either be on the same network or the port 135 must be open on the target network. If you know your friends public IP address, do an Nmap scan. If port 135 is open, use public IP address as the Rhost and 135 as the rport. If it's not open, you can try another exploit such as the new MS17-010.
Thank you so much! This really cleared up a lot for me.
Share Your Thoughts