So today we will look how an attacker can hack into windows xp system using a Arbitrary code execution vulnerability.We are going to use metasploit that is present on kali Linux or you can do the same with backtrack also. Technical description of the vulnerability is there exist a vulnerability on Microsoft Windows XP and Windows 2003 Operating system on handling of the Screen Saver path, in the [boot] section. An arbitrary path can be used as screen saver, including a remote SMB resource, which allows for remote code execution when a malicious .theme file is opened, and the “Screen Saver” tab is viewed.
Lets carryout the attack Practically here i have used victim machine to windows sp3 and attack to be kali Linux.
so follow it step by step
(IP of your Kali machine to know type ifconfig on new terminal)
once all this done you need to give to your victim \\192.168.1.3:gCzJXDKtJugDsVFC.scr via chat or email or any social engineering technique you can use.once the victim open the url provided by you he will asked for confirmation of opening link .
as soon as victim click run you will have your meterpreter shell open .