Aloha,
Let’s see how we can use the Metasploit Framework to sniff the victim’s network and what we can get from that.
Our Lab:
A MacBook with VMware Fusion on it.
Target: A virtual guest with Windows XP SP3 with two IP addresses, 172.16.225.10 and 192.168.0.10
Attacker: A virtual guest with BackTrack 5 R1 with the IP address 172.16.225.251
The Steps:
- Running a ping sweep to find the victim’s IP.
- Running Nmap to find possible vulnerabilities. The victim is running an FTP server.
- Netcat (nc) to the port to grab the banner.
- Searching Metasploit for exploit.
- Going to Exploit-DB to search more.
- Downloading the exploit.
- Putting the exploit in the Metasploit Framework.
- Exploiting the victim using a meterpreter payload.
- Use of the ipconfig command on the victim reveals one more IP subnet.
- Use sniffer.
- Starting the sniffer on the proper interface.
- Waiting for the sniffer to grab some packets.
- Downloading the pcap file for further analysis.
- Opening the file in Wireshark.
Let’s go….
The pcap file shows our victim trying to find the local master browser: it sends a Get Backup List Request, and the master browser, at the IP address 192.168.0.1, sends a Get Backup List Response.
So now we know another IP address in the network… end of Part 1!
In the next part we will see the exploitation of the new host.
Hi there, You’ve done an incredible job. I’ll definitely digg it and personally recommend to my friends.
I’m confident they will be benefited from this site.