Exploit windows xp by metasploit Netapi vulnerability

metasploit

Exploit windows xp by metasploit Netapi vulnerability

Hello guys, hope you were doing better and practising today in this tutorial i will show how you can exploit windows xp using metasploit.

In this tutorial we will exploit windows xp by MS08-67 Netapi vulnerability so,               which type of vulnerability is this ..?   the answer is this is a vulnerability in windows samba service called called MS08-67 this exploits work on the port number 445 and upto windows xp sp3 version.

Name- Microsoft server service relative path stack corruption. 
Exploit- exploit/windows/smb/ms_08_67_netapi
  • As I told you above this vulnerablility will work on the port number 445 so firstly scan for open ports.
  • open Nmap and scan for open ports by this command nmap -n -sV 192.168.1.*

metasploit

  • yeah port 445 is open.
  • start msfconsole and use the above exploit as shown below
  • now set RHOST. RHOST is remote address of victim

metasploit

  • now set payload as shown below here payload is set here to get a reverse connection in meterpreter here we are using windows meterpreter if you want to see all avilable apyload for that exploit then use “show payloads” command. Here we are using this payload
windows/meterpreter/reverse_tcp
  • Now use show options command and set LHOST Lhost is your IP address
  • Run exploit yeah we get back connection with victim pc.

Post Exploitation with meterpreter

  • type sysinfo to get the system information of victim.

metasploit

Here you see that in the above image victims information is available. There are many types of options in meterprer you can check with ‘ ? ‘ command. Suppose if you want to shell that pc so run ‘shell’ command in the metrpreter shell will be created.

In our metasploit soonly i will update many of the tutorials on metasploit series because metasploit has many of the exploits, auxiliary, payloads, script, e.t.c which will help you for exploitation.

keep learning and practising because practise makes a man perfect… 🙂

 

Author: Ahmed Raza Memon

I am 17 years old Ethical Hacker, Penetration Tester, Web Security Expert and Exploit Writer From the India. My area of expertise includes Ethical Hacking, Vulnerability Assessment, Information Security Audits, Penetration Testing, Exploit Writing, Web Application security, Source Code Reviews, Forensic Investigation and Cyber Law. I have been Acknowledged by many top companies like Microsoft, Apple, SAP, AOL, Sony and many More...

2 thoughts on “Exploit windows xp by metasploit Netapi vulnerability”

Leave a Reply