since xp is longer being patched by microsoft this should mean its very vulnerable now to remote exploits correct? are there any "zero-day" exploits that work on xp that should be forever available. it seems to me that xp being left in the cold my M$ and that XP still has a pretty large foothold this would be something great if your a hacker. But everything i find just points to netapi or dcom exploits which have been patched therefor any system that has all m$ patches is not vulnerable anymore. Especially if the system has most ports closed. exacmle xp machine with ports 135,139,445 open but all remote exploits are patched some time ago so any system that took updates in the past year are secured. Surely there has to be some remote exploit that will forever pwn an xp box right, or only those elite hackers that found the hole themselves and dont release
Forum Thread: Xp No Longer Patched, Open Exploits?
- Hot
- Active
-
Forum Thread:
Kali Linux Meterpreter Will Not Connect to Victim's Computer
7
Replies
13 hrs ago -
Forum Thread:
Is There a Tool or Machine Used to Hack Password
1
Replies
2 days ago -
Forum Thread:
How to Hack a Website to Edit It
18
Replies
2 days ago -
Forum Thread:
Awesome Keylogging Script - BeeLogger
29
Replies
3 days ago -
Forum Thread:
Learn to Hack an Android Device Over the Internet Remotely
2
Replies
5 days ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
165
Replies
2 wks ago -
Forum Thread:
Meterpreter Session Stage Failing
1
Replies
2 wks ago -
Problem with Msfvenom:
Windows 7 64-Bit Exe - The Version of This File Is Not Compatible.
6
Replies
2 wks ago -
Forum Thread:
After Executing Search Command in "Wifite" My Laptops Wifi Disconnected.
5
Replies
2 wks ago -
Forum Thread:
Is There a Tool or Machine Used to Hack Password
0
Replies
2 wks ago -
Forum Thread:
How Do I Hack WPS Locked Wifi
9
Replies
3 wks ago -
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
16
Replies
3 wks ago -
Forum Thread:
Hack a Specific Program
0
Replies
3 wks ago -
Forum Thread:
Why Can't I Boot into Kali Graphical Mode After a Fresh Installation??
0
Replies
3 wks ago -
How to:
Spoof E-Mail Using SendEmail and Postfix
0
Replies
3 wks ago -
Forum Thread:
Gain Access to (Data on) Locked Android 9 Phone (LG G6)
1
Replies
3 wks ago -
Forum Thread:
Difficulty with Kali Linux Commands
0
Replies
3 wks ago -
Forum Thread:
Kali linux command error. Kindly help
0
Replies
3 wks ago -
Forum Thread:
Airdump-Ng Can't Find Any Network in Monitor Mode
10
Replies
4 wks ago -
Forum Thread:
Unicorn Framework (iOS, macOS, Linux Post-Exploitation)
0
Replies
4 wks ago
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To:
Scan Websites for Potential Vulnerabilities Using the Vega Vulnerability Scanner in Kali Linux
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
Hack Like a Pro:
How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Crack Password-Protected ZIP Files, PDFs & More with Zydra
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To:
Create a Persistent Back Door in Android Using Kali Linux:
-
How To:
Automate Wi-Fi Hacking with Wifite2
-
How To:
Create Custom Wordlists for Password Cracking Using the Mentalist
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
Tutorial:
Create Wordlists with Crunch
-
How To:
The Hacks Behind Cracking, Part 1: How to Bypass Software Registration
6 Responses
The OS itself is hardly ever exploited. But a lot of social engineering and msfvenom stuff works great with XP
Frank:
A new RPC, remote code execution exploit was found in the wild just over a month ago that is not patched. The trojan is known as 'Trojan.Gimmiv.A'.
OTW
I have not heard about that one yet. I checked the exploit-db and found nothing.
Apparently, its a repackaged old RPC exploit.
I will look into this. I was kinda wondering the same because a lot of devices still run XP and that is scary.
A lot of devices do run xp still, including embedded devices that you cant really social engineer. Thats what grabbed my interest more and the reason i asked about remote code execution. Seeing as microsoft ended support i figured someone would figure out some remote exploit that in theory would work "forever" now.
You mentioned msfvenom but isnt that really just encoding the payloads to slip past av and firewalls, how would that help against an embedded machine or regular xp box on a lan that you cant social engineer.
Share Your Thoughts