Scribd
Upload
68 views

Metasploit

The document discusses using Metasploit to scan a Windows machine on a network for vulnerabilities, exploit the MS17-010 vulnerability using a Metasploit exploit to get meterpreter shell access as the root user, dump password hashes, crack the Admin password hash with John the Ripper, find and download a congrats.txt file from the target machine.

Uploaded by

contact
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
68 views

Metasploit

The document discusses using Metasploit to scan a Windows machine on a network for vulnerabilities, exploit the MS17-010 vulnerability using a Metasploit exploit to get meterpreter shell access as the root user, dump password hashes, crack the Admin password hash with John the Ripper, find and download a congrats.txt file from the target machine.

Uploaded by

contact
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Metasploit

Let's first find our ip.

Now we can scan our network to find alive hosts.

Let's do an nmap scan.

1/4
We know it is a windows machine. Let's use an nmap script to scan for possible vulnerabilities.

It is vulnerable to MS17-010. We can now go to msfconsole and search for an exploit.

2/4
We found one. Let's use it and exploit the machine.

We got the meterpreter shell. Let's check who we are on the machine.

We are root user. Let's dump the hashes on the system.

3/4
We got the password hashes. Let's crack the Admin password using john.

We got it. Now, let's search for the congrats.txt file.

Let's print it out.

Great! Now, let's try to download it to our local machine.

We got it.

4/4

You might also like