Thursday, February 2, 2012

HOW TO EXPLOIT WINDOWS USING METASPLOIT

Day 4 

Exploitation Windows XP Using Metasploit

Today learning how to use metasploit to exploit windows xp sp 3 in my virtual lab for penetration testing. In this sessions, step by step from Informations Gathering, Servce Enumeration, Vulnerability Assessment and now we can try to exploit the victim.
First step with known of the vulnerability from target :

Ip Address
 Lets see by nessus vulnerability scanner we can get the vulner from victim :

Vulnerability
Open Port
Services Vulnerability
Can you see the service vulnerabilities, smb and windows server.
All information of vulnerabilities
Port and Vulnerabilities
In the picrture above we known vulnerability from windows xp, two hight risk of vulnerability by port 445 tcp and other port is medium and low risk vulnerabilities.

Ok, with the information of the vulner we can try to exploit with metasploit :
The picture showing ip address client and metasploit, in metasploit by using command like the picture with choosing service from windows. Next we by choossing the exploit and information of services vulnerabilities (smb). you can see  the description of the vuln.


In the picture i choose the smb service with hight risk, and penetration with set ip address oh attacker

Set payload to execute the victim,

The option and and set Ip Address the victim,
In the original you can see the 3 folders in the drive C:\ and i will to make one folder in this drive. Lets to exploit target.

Yaps, exploite successfull
Im in the windows environtman...show list of the folder in the drive..Lets to make a new directory with name newbiemoron (maybe www.newbiemoron.com my expire blog )

Its Funiest Day...Thank You MRP and IS2C




0 comments:

Post a Comment