since xp is longer being patched by microsoft this should mean its very vulnerable now to remote exploits correct? are there any "zero-day" exploits that work on xp that should be forever available. it seems to me that xp being left in the cold my M$ and that XP still has a pretty large foothold this would be something great if your a hacker. But everything i find just points to netapi or dcom exploits which have been patched therefor any system that has all m$ patches is not vulnerable anymore. Especially if the system has most ports closed. exacmle xp machine with ports 135,139,445 open but all remote exploits are patched some time ago so any system that took updates in the past year are secured. Surely there has to be some remote exploit that will forever pwn an xp box right, or only those elite hackers that found the hole themselves and dont release
Forum Thread: Xp No Longer Patched, Open Exploits?
- Hot
- Active
-
Forum Thread:
How to Encrypt Python Exploit So It Can Be FUD Again? [DOC EXPLOIT]
23
Replies
6 hrs ago -
Forum Thread:
The Only Authentic Way to Hack Instagram!
44
Replies
11 hrs ago -
Forum Thread:
What Is Diet Clarity Keto?
0
Replies
21 hrs ago -
Forum Thread:
http://thesupplementcop.com/primal-grow-pro/
0
Replies
1 day ago -
Forum Thread:
Came and free covid19 time free internet 4G free
0
Replies
1 day ago -
Forum Thread:
http://thesupplementcop.com/primal-grow-pro/
0
Replies
1 day ago -
Forum Thread:
how to target any devices using windows 10 with free software
0
Replies
1 day ago -
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
3
Replies
1 day ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
26
Replies
1 day ago -
Forum Thread:
Help Needed Please!
7
Replies
1 day ago -
Forum Thread:
Complete Guide to Creating and Hosting a Phishing Page for Beginners
36
Replies
2 days ago -
Forum Thread:
How to Get Social Media Accounts and Real Name from the Footprints Left Behind by a Phone Number
4
Replies
2 days ago -
Forum Thread:
How to Bind Original Apk into a Payload with Msfvenom
2
Replies
4 days ago -
Forum Thread:
Suggest Me Some Good Easy to Understand Python Course?
1
Replies
4 days ago -
Forum Thread:
This Profile Makes Instagram Crush on Android and Doesnt Shows Up on IOS. How?
0
Replies
4 days ago -
How to:
Crack Instagram Passwords Using Instainsane
25
Replies
5 days ago -
Forum Thread:
Rescue-ssh.target Is a Disabled or a Static Unit
19
Replies
5 days ago -
Forum Thread:
Kali Linux Wifi Problem
2
Replies
5 days ago -
Forum Thread:
Change Username on Kali?
6
Replies
1 wk ago -
Forum Thread:
Empire Tab Not Working
0
Replies
1 wk ago
-
How To:
Conduct a Pentest Like a Pro in 6 Phases
-
How To:
Protect Up to 10 Devices with This All-in-One VPN
-
How To:
Hack Android Using Kali (Remotely)
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
Hacking macOS:
How to Use Images to Smuggle Data Through Firewalls
-
How To:
The Null Byte Guide to 3D Printing for Hackers
-
How To:
Gain Complete Control of Any Android Phone with the AhMyth RAT
-
How To:
Hunt Down Social Media Accounts by Usernames with Sherlock
-
How To:
Harness the Power of Big Data with This 10-Course Bundle
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How To:
Automate Wi-Fi Hacking with Wifite2
-
Hack Like a Pro:
How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
-
How To:
Brute-Force Nearly Any Website Login with Hatch
6 Responses
The OS itself is hardly ever exploited. But a lot of social engineering and msfvenom stuff works great with XP
Frank:
A new RPC, remote code execution exploit was found in the wild just over a month ago that is not patched. The trojan is known as 'Trojan.Gimmiv.A'.
OTW
I have not heard about that one yet. I checked the exploit-db and found nothing.
Apparently, its a repackaged old RPC exploit.
I will look into this. I was kinda wondering the same because a lot of devices still run XP and that is scary.
A lot of devices do run xp still, including embedded devices that you cant really social engineer. Thats what grabbed my interest more and the reason i asked about remote code execution. Seeing as microsoft ended support i figured someone would figure out some remote exploit that in theory would work "forever" now.
You mentioned msfvenom but isnt that really just encoding the payloads to slip past av and firewalls, how would that help against an embedded machine or regular xp box on a lan that you cant social engineer.
Share Your Thoughts