Registry
key play an important role in operating system attacker makes use of legal
notice registry key to send threaten message on targeted system so that once
the system is boot up the user can read the message that “your system has been
hacked” which appears before login screen.
Through this article we are showing how an attacker
sends threaten message on logon screen to the targeted users.
Let’s start
Attacker : Kali Linux
Target: window 7
Read
our previous article how to hack windows 7 and get meterpreter session of
victims, inside meterpreter there are so many options for post exploit now type
following command to move inside registry key of the victim’s system
Meterpreter > Reg
enumkey –k HKEY_LOCAL_MACHINE\\SOFTWARE\\MICROSOFT\\Windows\\CurrentVersion\\Policies\\System
From screenshot you can observe that it contains 2 keys
(Audit, UIPI) having 18 different values. The highlighting box is our targeted
value.
i)
Legalnoticecaption
ii)
legalnoticetext
Now type another command for assigning the value of legalnoticecaption which is use for
providing the title or heading of the given message on logon screen.
Meterpreter > Reg
enumkey –k HKEY_LOCAL_MACHINE\\SOFTWARE\\MICROSOFT\\Windows\\CurrentVersion\\Policies\\System
–v legalnoticecaption –d “IMPORTANT MESSAGE”
From screenshot you can read our registry key is
successfully set.
Now type one more command for giving warning message to
the targeted system by assigning value of legalnoticetext
which will display your message on logon screen of victim’s system.
Meterpreter >
Reg enumkey –k HKEY_LOCAL_MACHINE\\SOFTWARE\\MICROSOFT\\Windows\\CurrentVersion\\Policies\\System
–v legalnoticetext –d “PWNED BY RAJ CHANDEL”
From screenshot you can read again our registry key is
successfully set.
Here –k denote
key; -V denote value; -d denote input data.
Now
when the victim will start his system after then he will receive our message on
logon screen as shown in given screenshot.
Try it yourself!!!
0 comments:
Post a Comment