Exploiting a vulnerability on a target machine with Metasploit

Source: Internet
Author: User
Tags kali linux

1. Building the network test environment

First, set up the network environment for the penetration test: one computer running Kali Linux (Figure 1) and one Windows Server 2000 computer provided by the teacher (Figure 2). The two computers are on the same network segment and can communicate with each other. The Kali system is the attack machine, and Metasploit will be run on it for the penetration test. The Windows 2000 system is the target machine for this task; it stays in its default state after installation, with no additional security patches installed.

Figure 1: the Kali IP is 192.168.19.128

Figure 2: the target machine's IP is 192.168.19.131

2. Scanning the target machine

Before formally starting the penetration test, scan the target machine to probe its system type, open ports and services, and potential security vulnerabilities.

As shown in Figure 3, run the msfconsole command on the Kali attack machine to enter the Metasploit environment.

There are two methods for scanning to check for common vulnerabilities:

The first method: nmap -O <target machine IP> (detects vulnerabilities of the target system; prone to false positives)

The second method: nmap --script=vuln <target machine IP> (used frequently)

Attached, a summary of Nmap script scanning usage: http://www.vuln.cn/2444
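To turn the output of the vuln script scan into a list of findings that can be tracked and patched, the following added example (not part of the original post) parses Nmap XML output, as written with the -oX option, and keeps the script results whose State line reports a vulnerable state. The sample XML is constructed, the function names are hypothetical, and the "State:" line format is an assumption about how the vuln scripts print their result.

```python
import xml.etree.ElementTree as ET

# Constructed sample of Nmap XML output; not real scan data.
# "example-port-check" is a made-up script id used only for contrast.
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.168.19.131" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="445">
        <state state="open"/>
        <script id="example-port-check" output="&#10;  State: NOT VULNERABLE"/>
      </port>
    </ports>
    <hostscript>
      <script id="smb-vuln-ms08-067"
              output="&#10;  VULNERABLE:&#10;  State: LIKELY VULNERABLE"/>
    </hostscript>
  </host>
</nmaprun>
"""

def parse_state(output):
    """Return the text after 'State:' in a script's output, or None."""
    for line in output.splitlines():
        line = line.strip()
        if line.startswith("State:"):
            return line[len("State:"):].strip()
    return None

def vulnerable_findings(xml_text):
    """Return sorted (host, scope, script_id, state) tuples worth patching."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr_el = host.find("address")
        addr = addr_el.get("addr") if addr_el is not None else "unknown"
        # Host-level scripts sit under <hostscript>, port-level under <port>.
        scopes = [("host", host.find("hostscript"))]
        for port in host.iter("port"):
            scopes.append((f'{port.get("protocol")}/{port.get("portid")}', port))
        for label, scope in scopes:
            if scope is None:
                continue
            for script in scope.findall("script"):
                state = parse_state(script.get("output", ""))
                # Keep VULNERABLE and LIKELY VULNERABLE, drop NOT VULNERABLE.
                if state and "VULNERABLE" in state and not state.startswith("NOT"):
                    findings.append((addr, label, script.get("id"), state))
    return sorted(findings)

if __name__ == "__main__":
    for finding in vulnerable_findings(SAMPLE_XML):
        print(*finding, sep="\t")
```

Because the first method is described above as prone to false positives, a "LIKELY VULNERABLE" state is best treated as a lead to confirm against the installed patches rather than as a confirmed finding.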

The first one looks like this:

The second method looks like this:

Earlier scans did not have this problem (the progress stays at 99.83% and cannot reach 100%), so the method was changed to searching for the vulnerability directly, using MS08-067 as the example here:

Attached, the Microsoft security bulletin: https://technet.microsoft.com/library/security/ms08-067

First, find where this vulnerability is located:

Then begin exploiting the vulnerability. Some settings must be configured before the attack:

The payload, also called the attack payload, is mainly used to establish a stable connection between the target machine and the attack machine. It can return a shell or inject into a program.

Attached, an introduction to Meterpreter: http://www.xuebuyuan.com/1993953.html

The Meterpreter shell, as a penetration module, has many useful functions, such as adding a user, hiding something, opening a shell, getting user passwords, uploading and downloading files on the remote host, running cmd.exe, capturing the screen, getting remote control, capturing keystrokes, clearing the application, displaying the system information of the remote host, and displaying information such as the network interfaces and IP address of the remote machine.

set LHOST <Kali IP>

set RHOST <target machine IP>

The attack can now be launched. The following indicates that the exploitation succeeded:

Simple commands such as screenshot can now be used. I looked it up and the command captures the screen, but the target machine shut down (why is this?), as shown in:

Picture of the Kali attack machine:

Picture of the target machine:

Using the shell command to switch to cmd on the target machine with system privileges displayed "not enough storage space". I thought not enough memory had been allocated; later I gave Kali 2 GB of memory and found the same problem, so it should be that my D: disk does not have enough storage space. I had to switch to another payload:

Using set payload windows/shell_bind_tcp, the display shows that the exploitation succeeded and the target machine can be controlled.

A user was added on the target machine to make subsequent operations convenient, and the addition succeeded.

The Remote Desktop client can be used to connect to the target machine's Remote Desktop service; because the rdesktop software was not downloaded on Kali, this was not followed up.

After logging in to the system successfully with the newly created account and password, the remote target machine can be operated easily. At this step, we can do some information gathering on the target machine, or upload some viruses and Trojans.
