Exploiting services using exploit-db scripts
In this recipe we are going to exploit the Windows SMB service ms08_067 using exploit code outside the framework. A pentester often relies on Metasploit for his/her pentesting activities; however, it is important to understand that Metasploit modules are themselves custom scripts that take dynamic input, such as the remote host and port to connect to. In this recipe, we will see how to tweak a vulnerability script to match our target and exploit it successfully.
Getting ready
For this recipe, we will need the vulnerable Windows machine we have been testing, along with the tools and scripts that are available on the Kali machine itself.
How to do it...
- Let us first see how to use searchsploit to search for the ms08-067 vulnerability in the exploit-db database, using the following command:
searchsploit ms08-067
The output will be as shown in the following screenshot:
- We can see that a Python script is available called "Microsoft Windows - 'NetAPI32.dll' Code Execution...