Forum Thread: Several Questions

  1. This is more of a hypothetical question: Is there a way at all to hack a computer with metasploit without any interaction with the victim at all? I mean by not sending a payload, anything embedded with a payload, but by just knowing their IP address? I know that ms0867netapi exploits XP Computer running Service Pack 1 and Windows 2003 computers.
  2. Let us say we have a website. Is there a methods where we can hack that website through its contact form? Code injection?

Thanks! Much love to all!

5 Responses

  1. Id oubt that... but you can always make a usb so when you plug it in... baaaaam!!!
  1. You could upload a shell if the contact form lets you upload something!! ;);)
  1. Remember, he said no contact. :) (also, to answer your question, yes, it is possible. but only if somebody had previously hacked that pc and left a persistent backdoor. You could connect through that.)
  1. Through its contact form in specific? I'm not 100% sure about that because contact forms don't usually let you upload things and what you write in a contact from goes directly to their email in (normally) plain text format. Alas, I have never attempted this though.

I thought of him as new so I was telling a possible way to do it ;);) maybe he didnt think of it?? ;);)
Anyway thats the only way... you cant do it unless backdoored...
If you dont know what that means.. gooooooogle!! ;);)

But regardless, you answered his question incorrectly, and payed no attention to his "without interaction with the victim at all" emphasis. You should do more reading and try to understand better what people are trying to get across. I'm sure he did think of this, but however, this is not in his scope of "no interaction". Physical access = physical interaction with the victim box.

(not trying to be snotty, just trying to get a point across here.)

EDIT: Downvote this, because People don't need to unwillingly see my "rant".

Share Your Thoughts

  • Hot
  • Active