Let's see how we can use the Metasploit Framework to sniff the victim's network and what we can learn from the captured traffic.
A MacBook with VMware Fusion on it.
Target: A virtual guest running Windows XP SP3 with two IP addresses, 172.16.225.10 and 192.168.0.10
Attacker: A virtual guest running BackTrack 5 R1 with the IP address 172.16.225.251
- Running a ping sweep to find the victim's IP.
- Running Nmap to find possible vulnerabilities. The victim is running an FTP server.
- NC to the port to grab the banner.
- Searching Metasploit for exploit.
- Going to Exploit-DB to search more.
- Downloading the exploit.
- Putting the exploit in the Metasploit Framework.
- Exploiting the victim using a Meterpreter payload.
- Use of the ipconfig command on the victim reveals one more IP subnet.
- Use sniffer.
- Starting the sniffer on the proper interface.
- Waiting for the sniffer to grab some packets.
- Downloading the pcap file for further analysis.
- Opening the file in Wireshark.
The pcap file shows our victim trying to find the local master browser: it sends a Get Backup List Request, and the master browser, at IP address 192.168.0.1, replies with a Get Backup List Response.
So now we know another IP address in the network... end of Part 1!
In the next part we will see the exploitation of the new host.
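
The pcap review step above, as an added example that is not part of the original post: a small reader for classic pcap files that lists which hosts sent NetBIOS datagram traffic (UDP 138, the transport the browser requests and responses travel over), which is the exposure to look for when reviewing a capture like this one. The function names and sample frames are constructed for illustration; only 192.168.0.10 and 192.168.0.1 come from the post.

```python
import socket
import struct

def build_frame(src, dst, sport, dport, payload=b""):
    """Constructed Ethernet/IPv4/UDP frame (checksums left at 0, sample data only)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 128, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\xff" * 6 + b"\x00\x0c\x29\x00\x00\x01" + b"\x08\x00" + ip + udp

def build_pcap(frames):
    """Wrap frames in a classic little-endian pcap file (link type 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    return out

def netbios_datagram_sources(pcap, port=138):
    """Return the sorted IPv4 sources of UDP traffic to or from `port`."""
    magic = struct.unpack("<I", pcap[:4])[0]
    if magic == 0xA1B2C3D4:
        order = "<"          # file written little-endian
    elif magic == 0xD4C3B2A1:
        order = ">"          # file written big-endian
    else:
        raise ValueError("not a classic pcap file")
    if struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures are handled")
    sources, off = set(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(order + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue         # not IPv4 carrying UDP
        udp = 14 + (frame[14] & 0x0F) * 4
        if len(frame) < udp + 4:
            continue         # truncated by the snap length
        sport, dport = struct.unpack("!HH", frame[udp:udp + 4])
        if port in (sport, dport):
            sources.add(socket.inet_ntoa(frame[26:30]))
    return sorted(sources)

# Constructed sample: two UDP 138 datagrams plus one unrelated DNS query
# (192.168.0.255, 192.168.0.77 and 192.168.0.53 are made-up addresses).
SAMPLE_PCAP = build_pcap([
    build_frame("192.168.0.10", "192.168.0.255", 138, 138),
    build_frame("192.168.0.1", "192.168.0.10", 138, 138),
    build_frame("192.168.0.77", "192.168.0.53", 49152, 53),
])

if __name__ == "__main__":
    print(netbios_datagram_sources(SAMPLE_PCAP))
```
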