WINDOWS XP - ADDING USERS REMOTELY
- Layout for this exercise:
- One of the possible actions to be performed after explotaition is adding a user remotely on the victim's system. In our example, there are only two users before the attack at the XP machine:
- Now,
once XP has been exploited, the windows/adduser payload is set with
the goal to add a new user:
- Required
options for this payload are both the username (USER) and the
password (PASS):
- Setting
the username (pirate):
- Setting
the password (1Metapirate):
- Launching
the exploit:
- As a
result, the new user "pirate" has been created at the victim's User Accounts:
