Metasploit Sniffing victim’s network

Aloha,

Lets see how we can use the Metasploit framework to sniff the victim’s network and what we can get from that.

Our Lab:
A  MacBook with Vmware Fusion on it.
Target: A Virtual Guest with Windows XP SP3 with two Ip addresses  172.16.225.10 , 192.168.0.10
Attacker: A Virtual Guest with Backtrack 5R1 with the Ip address 172.16.225.251

The Steps:

  • Running pingsweep to find the victim’s IP.
  • Running Nmap to find possible vulnerabilities.The victim is running a ftp server.
  • NC to the port to grub the banner.
  • Searching Metasploit for exploit.
  • Going to exploitdb to search more.
  • Downloading the exploit.
  • Putting the exploit in the Metasploit Framework.
  • Exploiting the victim using a meterpreter payload.
  • Use of the  ipconfig command  on victim reveals one more ip subnet
  • Use sniffer.
  • Starting the sniffer on  the proper interface.
  • Waiting for the sniffer to grub some packets.
  • Downloading the pcap file for further analysis.
  • Openning the file in Wireshark

Let’s go….

The Pcap file shows our  victim trying  to find the local master browser so it sends a Get Backup List Request and the master browser with the ip address of 192.168.0.1 sends a GET Backup List Response.

So now we know another IP address in the network……..end of Part 1.!
At the next part we will see the exploitation of the new host.

 

Tagged , , . Bookmark the permalink.

One Response to Metasploit Sniffing victim’s network

  1. online bingo says:

    Ңі there, You’ve done an incredible job. I’ll definitely diǥg іt and personally recommend to my friends.

    I’m confident they will be benefited from this ѕite.

Leave a Reply

Your email address will not be published. Required fields are marked *