Exploitation windows in virtualbox

This time I will discuss how to exploit a system in virtualbox. first of all do information gathering, here I use nmap,
  


after completion.
the result will be we match with the results from nessus.

 

click on the search target ip port that has a high level of risk.


  

after we match, immediately look for open ports and has a high severity, and we are looking for and execution exploits to metasploit console,
search do exploit with parameters
search [name of the exploit]


then use these exploits with the command
use [exploit]
RHOST set as the target computer and LHOST as an attacker or our IP 

payloads also sets the method used, here I use the adduser

 
and last is the execution
type the command exploit

  
The following results

  

Comments

Post a Comment

Popular posts from this blog

EXE file structure

Image
I 'll try to explain how a structure file extension .EXE. EXE is a common file extension indicates an executable file ( program) in the DOS , OpenVMS , Microsoft Windows , Symbian , and others. In addition to the executable program , many EXE files contain other components called resources, such as bitmaps and icons which the executable program to be able
Read more

Filesystem Structure

Image
For this time I will explain about a system file structure there are some that I will explain , among others, are : FAT16 FAT32 NTFS EXT2 EXT3 starting from the first , which is FAT16   FAT16 we start from the first FAT . What is FAT ? FAT File System that is used in Windows Operating System . FAT 's name comes from the use of tables that focus on areas where information is empty or may not be used . To limit the size of the table , the disk space allocated to files in hardware sector groups are adjacent , so-called developing cluster. When disk drive , the maximum number of clusters also
Read more

Introduction Maltego

Image
What is maltego ? Maltego are tools for OSINT (Open Source Intelligence Gathering ) , so OSINT is a method of searching the information available to the public and then analyzed and used for certain purposes maltego also an open- source intelligence and forensics application . This allows for the mining and gathering information and presenting this information in a meaningful way .
Read more