since xp is longer being patched by microsoft this should mean its very vulnerable now to remote exploits correct? are there any "zero-day" exploits that work on xp that should be forever available. it seems to me that xp being left in the cold my M$ and that XP still has a pretty large foothold this would be something great if your a hacker. But everything i find just points to netapi or dcom exploits which have been patched therefor any system that has all m$ patches is not vulnerable anymore. Especially if the system has most ports closed. exacmle xp machine with ports 135,139,445 open but all remote exploits are patched some time ago so any system that took updates in the past year are secured. Surely there has to be some remote exploit that will forever pwn an xp box right, or only those elite hackers that found the hole themselves and dont release
Forum Thread: Xp No Longer Patched, Open Exploits?
- Hot
- Active
-
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
54
Replies
2 days ago -
Forum Thread:
Popcorntime Alternative?
4
Replies
4 days ago -
Forum Thread:
How Make a Simple Payload with Kali Linux (Detectable)
2
Replies
1 wk ago -
Forum Thread:
Parrot Security Os Problem......
15
Replies
1 wk ago -
Forum Thread:
Hack Instagram Account Using BruteForce
200
Replies
2 wks ago -
Forum Thread:
card number generators...
6
Replies
2 wks ago -
Forum Thread:
How to Hack a Website to Edit It
24
Replies
2 wks ago -
Forum Thread:
Can some help me how to hack into a FB account to that was hacked. Trying to get a friends account back. Cheers.
5
Replies
2 wks ago -
Forum Thread:
How to Hack Wifi Network with CMD
82
Replies
3 wks ago -
How to:
Spoof E-Mail Using SendEmail and Postfix
2
Replies
1 mo ago -
How to:
See How to Write an NTFS Partition of HDD/SDD in Kali LinuX (The Ultimate Guide)
2
Replies
1 mo ago -
Forum Thread:
Eml to PST Conversion
9
Replies
1 mo ago -
Forum Thread:
PST File - Outlook Inbox Repair Tool Can't Repair
4
Replies
1 mo ago -
Metasploit Error:
Handler Failed to Bind
39
Replies
1 mo ago -
Forum Thread:
How to Mr Robot's Password Cracker?
10
Replies
1 mo ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
15
Replies
1 mo ago -
Forum Thread:
12 Ways How to Hack Any Social Network and Protect Yourself 2018
1
Replies
1 mo ago -
Forum Thread:
How to Make a Hacking Tool and What Programming Languages Are Used to Make One?
15
Replies
1 mo ago -
Forum Thread:
Does GSA Email Spider Gives Inaccessible or Hidden Email Addresses and Phone Numbers of Web Sites?
4
Replies
1 mo ago -
Forum Thread:
Whatsapp Hack?
18
Replies
1 mo ago
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How To:
Use Hash-Identifier to Determine Hash Types for Password Cracking
-
How To:
Scan Websites for Interesting Directories & Files with Gobuster
-
Tutorial:
Create Wordlists with Crunch
-
How To:
Hack WiFi Using a WPS Pixie Dust Attack
-
How To:
Use SpiderFoot for OSINT Gathering
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Exploit EternalBlue on Windows Server with Metasploit
-
How To:
Automate Wi-Fi Hacking with Wifite2
-
How To:
Find Passwords in Exposed Log Files with Google Dorks
-
Hack Like a Pro:
How to Extract Email Addresses from an SMTP Server
-
How To:
Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
-
How to Hack Wi-Fi:
Hunting Down & Cracking WEP Networks
-
How To:
Hack Android Using Kali (Remotely)
6 Responses
The OS itself is hardly ever exploited. But a lot of social engineering and msfvenom stuff works great with XP
Frank:
A new RPC, remote code execution exploit was found in the wild just over a month ago that is not patched. The trojan is known as 'Trojan.Gimmiv.A'.
OTW
I have not heard about that one yet. I checked the exploit-db and found nothing.
Apparently, its a repackaged old RPC exploit.
I will look into this. I was kinda wondering the same because a lot of devices still run XP and that is scary.
A lot of devices do run xp still, including embedded devices that you cant really social engineer. Thats what grabbed my interest more and the reason i asked about remote code execution. Seeing as microsoft ended support i figured someone would figure out some remote exploit that in theory would work "forever" now.
You mentioned msfvenom but isnt that really just encoding the payloads to slip past av and firewalls, how would that help against an embedded machine or regular xp box on a lan that you cant social engineer.
Share Your Thoughts