Day 4
Exploitation Windows XP Using Metasploit
Today learning how to use metasploit to exploit windows xp sp 3 in my virtual lab for penetration testing. In this sessions, step by step from Informations Gathering, Servce Enumeration, Vulnerability Assessment and now we can try to exploit the victim.
First step with known of the vulnerability from target :
 |
| Ip Address |
Lets see by nessus vulnerability scanner we can get the vulner from victim :
 |
| Vulnerability |
 |
| Open Port |
|
 |
| Services Vulnerability |
Can you see the service vulnerabilities, smb and windows server.
 |
| All information of vulnerabilities |
 |
| Port and Vulnerabilities |
In the picrture above we known vulnerability from windows xp, two hight risk of vulnerability by port 445 tcp and other port is medium and low risk vulnerabilities.
Ok, with the information of the vulner we can try to exploit with metasploit :
The picture showing ip address client and metasploit, in metasploit by using command like the picture with choosing service from windows. Next we by choossing the exploit and information of services vulnerabilities (smb). you can see the description of the vuln.
In the picture i choose the smb service with hight risk, and penetration with set ip address oh attacker
Set payload to execute the victim,
The option and and set Ip Address the victim,
In the original you can see the 3 folders in the drive C:\ and i will to make one folder in this drive. Lets to exploit target.
Yaps, exploite successfull
Im in the windows environtman...show list of the folder in the drive..Lets to make a new directory with name newbiemoron (maybe
www.newbiemoron.com my expire blog )
Its Funiest Day...Thank You MRP and IS2C
0 comments:
Post a Comment