See on Scoop.it – Metasploit
This Metasploit module exploits an out-of-bounds access flaw in Firefox 7 and 8 (versions 8.0.1 and below). The notification of nsSVGValue observers via nsSVGValue::NotifyObservers(x,y) uses a loop which can result in an …
See on w00t.pro
See on Scoop.it – Metasploit
Exploiting Windows XP (SP3) with Metasploit Framework / Back|Track This is a simple movie about exploitation at Windows XP.
See on diytricks.com
See on Scoop.it – Metasploit
M (Metasploit have Exploit code for MS12-027 (zero-day) – ABH Forum بلاكـ هات العرب: http://t.co/oLrwWJSZ...)…
See on www.abh-sec.com
Aloha,
Lets see how we can use the Metasploit framework to sniff the victim’s network and what we can get from that.
Our Lab:
A MacBook with Vmware Fusion on it.
Target: A Virtual Guest with Windows XP SP3 with two Ip addresses 172.16.225.10 , 192.168.0.10
Attacker: A Virtual Guest with Backtrack 5R1 with the Ip address 172.16.225.251
Aloha,
Lets see how we can use the Metasploit framework to pawn an MS SQL Server
Our Lab:
A MacBook with Vmware Fusion on it
Target: A Vrtual Guest with Windows 2003 Server with the Ip address 172.16.226.131
Attacker: A Virtual Guest with Backtrack 5R1 with the Ip address 172.16.226.128
So Lets go….
Commands:
The SQL Database TCP port 1433.
Setting the RHOSTS option we can get information about the database including version information, server name etc
Setting the options RHOSTS, PASS_FILE, VERBOSE we can brute-force attack the target for valid credentials. If the server is misconfigured or the passwords are weak we can find accounts that we can use in the next command. Here I am attacking to the “sa” account. The “sa” account is the DBO (db_owner) for all databases created on the server. The account has administrative privileges on the database.
[+] 172.16.226.131:1433 – MSSQL – successful login ‘sa’ : ‘password’
Setting the options RHOSTS,PASSWORD which are set from the previous command we can try to exploit the Server. The exploit uses the “xp_cmdshell” stored procedure to execute commands on the Server.
[*] Meterpreter session 1 opened
I am working on a new post about metepreter so stay tuned….
Aloha,
Here we go.
We need knowledge, we need tools and targets we need a lab environment.
It is illegal to try penetration procedures in live environments without the written permissions of the owner so a test environment is a must have. In a another post I will analyze how we can create a lab environment, for now lets see a list in no particular order of toolkits and targets. Luckily enough there are plenty out there.!
This list will always be updated .
Penetration Toolkits
These are live CDs or DVDs. I am not going to analyze any of this right now. I am using the Backtrack linux distribution probably because is the first one I started with or…….
