Forum Thread: Hacking with No Form of a Payload or Victim Activity?

Hi so I've been learning about how this whole hacking thing works using the Kali Linux and tools they have, most of what I have found means the person has to run a program of some sort or some cmd code in order to gain access. I was wondering if their was a way to hack without them having to do anything, Im trying it on my own LAN connection. Any help would be appreciated

Thank You

9 Responses

There are. But it requires the victim to have at least one vulnerable service open.
If you have no open port and you don't want to use phishing like method then you should just pass.

Note : you can still DOS/DDOS your target...

Lets say its on the same network, iv port forwarded certain ports. what method would I use?

If you are on the same network, port forwarding is not required. What is required is a vulnerability with an exploit available. Vulnerability is a weakness. An exploit uses the vulnerability by opening a hole allowing you to deliver the payload. If your target is up to date with Windows and software updates, you would need to use a zero day exploit. Because that is rare, it's best to learn by common exploits on an unpatched system. If your target is a Windows XP, try MS08-067. If Windows 7,you can try MS17-010.

No you didn't get what I mean.
In order to do what you want. You need to have some service open on host port, here some example:

  • SSH Server
  • HTTP Server
  • Telnet
  • FTP Server
  • etc.

Got it, ive set up a server on an open port. Im just testing things out on home network so dont think I would need to but just in case. What phishing method would you recommend to use? Which one would work best for windows 10

Phishing is not a question of OS (Windows 10 or else doesn't matter): it's a question of credibility.

Most phishings attempts come from your mail box. But you there are also html link that can trigger a download if the user click on it (typically some web adds).

Personally I quite like hiding a backdoor inside a game. The player start the game with admin credential with no idea about what is inside the files because the game is too heavy for him to check carefully (you can even do it with scripts, none check).

What I have done is I have generated some CMD code which allows me access into the machine. I have made a small program that just shows some stats and things but on installation it will run the .bat file gaining me access into the machine

We have a project that requires exactly this.
Any phone, any network . We only need longitude and latitude of target device.
We enter in phone # or IMEI and the solution should return long/lat.
As a heads-up, all clients have to sign Indemnification Agreements with us.

I am looking for someone to help me with the various components since I am not schooled at all in KALI. If interested please email me at icetip61 AT gmail

Is it possible to use a websploit to hack a windows 10 machines, as I thought most patches have been made to Windows 10 not allowing these sort of hacks?

Share Your Thoughts

  • Hot
  • Active