Today, i make tutorial "Using smb_login and psexec in Metasploit attack any Windows PC".
Les't go...
In tutorial, i using two module "auxiliary/scanner/smb/smb_login" and "exploit/windows/smb/psexec" in Metasploit.
Step1: I using "auxiliary/scanner/smb/smb_login" for brute force attack password victim.
Befor i using smb_logn, i find username for victime (example: username as hostname, or using other solution find username with tool scanner nmap, soft pecfect network scanner Soft Perfect Network Scanner,...).
After brute force attack success, we have username and password of Windows PC.
Brute force password success!
Parameter in psexec module.
We using payload "payload windows/meterpreter/reverse_tcp_rc4" to get shell victim.
We have to set options in module psexe if we want get shell.
Now we run "exploit/run" and enjoy
We have shell victim :-D
Thereout, we can use payload "windows/vncinject/reverse_tcp_rc4" to get vncserver (remote desktop) victim.
Done!
Good luck guys!!
No comments:
Post a Comment