Tuesday 2 April 2013

Hacking a Windows host's SMB service with Metasploit

Using the Metasploit Framework (available at http://www.metasploit.com/), here's an attack you can launch with a high success rate on a Windows host.

Start msfconsole and issue the following commands:
RHOST is the remote Windows host. You can either scan your subnet for its IP address or, since you're testing your own network, go to the Windows machine, click Start, click Run and type cmd.exe in the box. In that command shell, type "ipconfig" to get the machine's IP address.

LHOST is your own IP address. On Linux, type "ifconfig" to get it.
LPORT is a free port on your machine on which to listen for the connection back.

If all goes well, you should land in a Meterpreter session:


From there we have a multitude of options available. Type "help" to list them all. Some fun commands can take a snapshot from the victim's webcam, reboot or shut down the computer, etc.

To learn more about the system, type "sysinfo"; to get the usernames and password hashes on the machine, type "hashdump". You could then put to use some of the scripts you worked on in "Cracking passwords with python".

Another interesting feature of Meterpreter is the ability to record keystrokes, which can grab passwords from anywhere, whether it's Facebook or a bank. And if you want a shell, you can type "execute -i -f cmd.exe".


That was easy, right? Since we know a little programming, and we do not want to manually test all of the hosts on our subnet, let's write a script that will automatically find all the vulnerable hosts. And since we already know how to brute-force a service, we will brute-force all the other hosts that are patched:


Hope that helps you play around with Metasploit and shows how to interact with it from a programming language!
