since xp is longer being patched by microsoft this should mean its very vulnerable now to remote exploits correct? are there any "zero-day" exploits that work on xp that should be forever available. it seems to me that xp being left in the cold my M$ and that XP still has a pretty large foothold this would be something great if your a hacker. But everything i find just points to netapi or dcom exploits which have been patched therefor any system that has all m$ patches is not vulnerable anymore. Especially if the system has most ports closed. exacmle xp machine with ports 135,139,445 open but all remote exploits are patched some time ago so any system that took updates in the past year are secured. Surely there has to be some remote exploit that will forever pwn an xp box right, or only those elite hackers that found the hole themselves and dont release
Forum Thread: Xp No Longer Patched, Open Exploits?
- Hot
- Active
-
Metasploit Error:
Handler Failed to Bind
40
Replies
5 days ago -
Forum Thread:
How to Know if You Are a Script Kiddie?
9
Replies
1 wk ago -
Forum Thread:
How to Identify and Crack Hashes
8
Replies
1 wk ago -
Forum Thread:
How to Hack School Website
8
Replies
2 wks ago -
Forum Thread:
Whenever I Try "Airmon-Ng Start wlan0" There's an Error?
16
Replies
2 wks ago -
Forum Thread:
How to Fix 'Failed to Detect and Mount CD-ROM' Problem When Installing Kali Linux
14
Replies
2 wks ago -
Forum Thread:
Awesome Keylogging Script - BeeLogger
30
Replies
3 wks ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
27
Replies
3 wks ago -
Forum Thread:
Complete Guide to Creating and Hosting a Phishing Page for Beginners
48
Replies
3 wks ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
121
Replies
1 mo ago -
How to:
Minecraft DoS'Ing with Python.
1
Replies
2 mo ago -
Forum Thread:
HELP I Created an Apk for Hacking My Phone Using Kali Linux in Virtual Box How Can I Install That Apk on My Phone
17
Replies
2 mo ago -
Forum Thread:
Tools for Beginner Hacker
3
Replies
2 mo ago -
Forum Thread:
How to Embed an Android Payload in an Image?
9
Replies
2 mo ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
46
Replies
3 mo ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
11
Replies
3 mo ago -
Forum Thread:
Fix Initramfs Problem
5
Replies
3 mo ago -
Forum Thread:
Kali Wont Start, Stuck at Kali Login:
21
Replies
4 mo ago -
Forum Thread:
How to View Your Child's What's App And Many More!
3
Replies
4 mo ago -
Forum Thread:
Proxy Lists for Proxy Chains
1
Replies
5 mo ago
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Dox Anyone
-
How To:
Automate Wi-Fi Hacking with Wifite2
-
How To:
Extract Bitcoin Wallet Addresses & Balances from Websites with SpiderFoot CLI
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Crack SSH Private Key Passwords with John the Ripper
-
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
-
Steganography:
How to Hide Secret Data Inside an Image or Audio File in Seconds
-
Tutorial:
Create Wordlists with Crunch
-
How To:
Enumerate SMB with Enum4linux & Smbclient
-
How To:
Gain Complete Control of Any Android Phone with the AhMyth RAT
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
6 Responses
The OS itself is hardly ever exploited. But a lot of social engineering and msfvenom stuff works great with XP
Frank:
A new RPC, remote code execution exploit was found in the wild just over a month ago that is not patched. The trojan is known as 'Trojan.Gimmiv.A'.
OTW
I have not heard about that one yet. I checked the exploit-db and found nothing.
Apparently, its a repackaged old RPC exploit.
I will look into this. I was kinda wondering the same because a lot of devices still run XP and that is scary.
A lot of devices do run xp still, including embedded devices that you cant really social engineer. Thats what grabbed my interest more and the reason i asked about remote code execution. Seeing as microsoft ended support i figured someone would figure out some remote exploit that in theory would work "forever" now.
You mentioned msfvenom but isnt that really just encoding the payloads to slip past av and firewalls, how would that help against an embedded machine or regular xp box on a lan that you cant social engineer.
Share Your Thoughts