Exploiting targets using MSF
MSF is equally effective against vulnerabilities in the operating system and in third-party applications. We will look at an example of each scenario.
Single targets using a simple reverse shell
In this example, we'll use a buffer overflow exploit called DoublePulsar, which was designed specifically for systems that are vulnerable to EternalBlue, which rocked the world with the WannaCry ransomware in April 2017. The vulnerability exists in the way that the SMB version was implemented in Windows (specifically, SMBv1 and NBT over TCP ports 445 and 139), which is used to share data in an insecure way. Exploitation results in arbitrary code execution under the context of the system user.
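For defenders, the SMBv1 and NBT framing on TCP ports 445 and 139 described above is easy to recognise on the wire. The following added example (not from the original text) classifies captured TCP payloads by their SMB header magic and lists the client/server pairs still speaking SMBv1; the function names, addresses and sample flows are constructed for illustration.

```python
"""Flag SMBv1 sessions in captured TCP payloads (constructed sample data)."""

SMB_PORTS = {139, 445}             # ports named in the text above
MAGIC = {
    b"\xffSMB": "smb1",            # SMBv1 / CIFS header
    b"\xfeSMB": "smb2+",           # SMB 2.x / 3.x header
    b"\xfdSMB": "smb3-encrypted",  # SMB3 transform (encrypted) header
}

def classify_smb(payload: bytes) -> str:
    """Classify one TCP payload that starts at a session-frame boundary."""
    if len(payload) < 8:
        return "too-short"
    if payload[0] != 0x00:          # 0x00 = session message carrying SMB
        return "not-session-message"
    declared = int.from_bytes(payload[1:4], "big")
    if declared < 4:                # cannot even hold the 4-byte magic
        return "malformed"
    return MAGIC.get(payload[4:8], "unknown")

def smb1_talkers(flows):
    """Return sorted (client, server, port) tuples where SMBv1 was seen."""
    hits = set()
    for src, dst, dport, payload in flows:
        if dport in SMB_PORTS and classify_smb(payload) == "smb1":
            hits.add((src, dst, dport))
    return sorted(hits)

def frame(body: bytes) -> bytes:
    """Prepend the 4-byte session header (type 0x00 + 24-bit length)."""
    return b"\x00" + len(body).to_bytes(3, "big") + body

# Constructed sample flows: (client, server, dest port, first payload).
SMB1_NEGOTIATE = b"\xffSMB\x72" + bytes(27)   # 32-byte SMBv1 header, cmd 0x72
SAMPLE_FLOWS = [
    ("192.0.2.10", "192.0.2.50", 445, frame(SMB1_NEGOTIATE)),
    ("192.0.2.11", "192.0.2.50", 445, frame(b"\xfeSMB" + bytes(60))),
    ("192.0.2.12", "192.0.2.51", 139, b"\x81\x00\x00\x44" + bytes(68)),
    ("192.0.2.12", "192.0.2.51", 139, frame(SMB1_NEGOTIATE)),
    ("192.0.2.13", "192.0.2.52", 8080, frame(SMB1_NEGOTIATE)),
]

if __name__ == "__main__":
    for hit in smb1_talkers(SAMPLE_FLOWS):
        print("SMBv1 seen:", hit)
```

A hit means an SMBv1-framed message was sent, not that the server accepted the dialect, because clients that support newer dialects may still open with an SMBv1 negotiate request. Confirm on the server side whether SMBv1 is actually enabled before treating the host as exposed.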
To initiate the attack, the first step is to open msfconsole and set Metasploit to use , as shown in the following screenshot:
Again, the exploit is relatively simple. It requires the tester to set a reverse shell (reverse_tcp) from the compromised system back to...