Updated on: June 24. This article walks through the basics of using Metasploit to exploit a Windows XP machine via the MS08— vulnerability. First, use the search command to check whether Metasploit has a module for the vulnerability in question (MS08—) by entering the following command in the Kali terminal.
To gather detailed information about the Metasploit module available for the MS08— vulnerability, enter the following command in the Kali terminal. Once the specific exploit module has been confirmed, the command below selects it. With the exploit selected, enter the following command to list all options available for this module; note the Required column in the image below: every option whose Required value is yes must be filled in.
We could also change the other options, such as RPORT and SMBPIPE, to user-defined values as needed, but for the purposes of this article we leave them at their defaults, which work fine for this exploit.
We can set a specific target, based on the operating system the target machine is running, by entering the command below. Enter the following command in the terminal to list all compatible payloads available for this exploit. Entering the command above shows the options set for both the payload and the module. The module options have already been set; since our payload is a reverse shell, we also need to set the LHOST option to the Kali Linux address, using the command below.
Now enter the exploit command in the terminal to get a command shell on the target. Frequently, especially with client-side exploits, you will find that your session has only limited user rights. This can severely limit the actions you can perform on the remote system, such as dumping passwords, manipulating the registry, installing backdoors, etc. Fortunately, Metasploit has a Meterpreter script, getsystem, that uses a number of different techniques to attempt to gain SYSTEM-level privileges on the remote system.
There are also various other local exploits that can be used to escalate privileges. Running getsystem with the -h switch displays the options available.
This may be because of outbound firewall rules. Looks like you want to open a Meterpreter session.