WINDOWS XP - METERPRETER
- Metasploit provides the module ms08_067_netapi, which exploits a parsing flaw in the path canonicalization code of NetAPI32.dll through the Server Service. This module is capable of bypassing NX on some operating systems and service packs. Both Windows XP and 2003 targets are potential victims of successful exploitation attacks.
- Let's use the ms08_067_netapi exploit against an XP machine:
- Required options:
- Setting the victim's IP:
- Now the METERPRETER payload is going to be used with the purpose of achieving broad and deep post-exploitation. Meterpreter works by injecting DLLs and native shared objects into the victim's memory. One advantage of Meterpreter is that it doesn't create files on the victim, and all communication between victim and attacker is encrypted.
- The use of reverse_tcp ensures that the victim connects back to the attacker, establishing the Meterpreter session:
- Required options:
- Setting the local host with the attacker's IP:
- Launching the exploit results in the creation of a meterpreter session:
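The connect-back just described is also what a defender can look for: an inbound connection to TCP/445 (the Server Service that ms08_067_netapi reaches) from an external host, followed shortly by a new outbound connection from that same machine back to the external host, which is the reverse_tcp stage calling home. The Python below is an added example, not part of the original post; the log line format, the 10.0.0.0/8 internal range and the 60-second window are assumptions.

```python
"""Heuristic detector: inbound TCP/445 from an external host, followed within a
short window by a NEW outbound connection from the victim back to that host
(the reverse_tcp connect-back). The log format below is constructed."""
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")  # assumption: the monitored internal range

# Constructed sample firewall log: "<ISO time> <src>:<sport> -> <dst>:<dport> <state>"
SAMPLE_LOG = """\
2009-01-05T10:00:01 198.51.100.7:51022 -> 10.0.0.12:445 NEW
2009-01-05T10:00:02 10.0.0.12:1045 -> 198.51.100.7:4444 NEW
2009-01-05T10:05:00 10.0.0.33:1100 -> 10.0.0.12:445 NEW
2009-01-05T10:30:00 198.51.100.9:40000 -> 10.0.0.12:445 NEW
2009-01-05T10:45:00 10.0.0.12:1050 -> 198.51.100.9:80 NEW
"""

def parse_line(line):
    """Split one constructed log line into a dict of typed fields."""
    ts, src, _, dst, state = line.split()
    src_ip, _src_port = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return {"ts": datetime.fromisoformat(ts), "src": ip_address(src_ip),
            "dst": ip_address(dst_ip), "dport": int(dst_port), "state": state}

def find_connect_backs(log_text, window_s=60):
    """Return (victim, attacker, dport) for each external->internal 445 hit that is
    followed within window_s seconds by a NEW internal->external connection
    from the same victim back to the same external host."""
    window = timedelta(seconds=window_s)
    events = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    alerts = []
    for e in events:
        # candidate exploit attempt: external source hitting an internal host on 445
        if e["dport"] == 445 and e["dst"] in INTERNAL and e["src"] not in INTERNAL:
            victim, attacker, t0 = e["dst"], e["src"], e["ts"]
            for f in events:
                if (f["src"] == victim and f["dst"] == attacker
                        and f["state"] == "NEW" and t0 <= f["ts"] <= t0 + window):
                    alerts.append((str(victim), str(attacker), f["dport"]))
    return alerts

if __name__ == "__main__":
    for victim, attacker, port in find_connect_backs(SAMPLE_LOG):
        print(f"possible connect-back: {victim} -> {attacker}:{port} "
              f"shortly after inbound 445 from {attacker}")
```

The internal-to-internal 445 connection is ignored, and the 10:45 outbound connection falls outside the window, so only the first pair is flagged with the default settings.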
- From the meterpreter command line, several commands give the attacker valuable information about the victim. Let's see some of them.
- Getting information about the victim's machine:
- Getting information about the current user (Local System Account authority):
- Also, a shell or command line interface: