Friday, June 10, 2016

METASPLOIT - Linux - Samba


LINUX - SAMBA

- Layout for this exercise:




- The attacker scans the victim's machine for open ports and services using Nmap:





- On port 139 the victim is running Samba, a file-sharing service that in this case suffers from a vulnerability. Metasploit provides the usermap_script exploit to take advantage of that vulnerability:




- Let's set the payload to cmd/unix/reverse:




- Required options include remote host (victim) and local host (attacker):




- Setting remote host's IP:




- Setting attacker's IP:




- Launching the exploit results in a remote shell that allows post-exploitation of the victim:



- For instance, from the remote shell the contents of both /etc/passwd and /etc/shadow can be read.
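
From the defender's side, Metasploit's usermap_script module only applies to Samba servers that have the non-default `username map script` option configured, so auditing smb.conf for that option is a quick exposure check. The Python below is an added example, not part of the original post; the sample configuration, the script path and the function names are constructed for illustration.

```python
import re

# Constructed sample smb.conf for illustration; the script path is a placeholder.
SAMPLE_SMB_CONF = r"""[global]
   workgroup = LAB
   ; username map script = /old/disabled.sh
   User Name  MAP Script = /usr/local/bin/map-user.sh \
        --lookup
[public]
   path = /srv/public
   guest ok = yes
"""

RISKY = "usernamemapscript"  # "username map script" after normalization

def normalize(name):
    """smb.conf parameter names ignore case and whitespace."""
    return re.sub(r"\s+", "", name).lower()

def parse_smb_conf(text):
    """Yield (section, name, value, line_no) for each active parameter."""
    section, pending, start = None, [], 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not pending:
            if not line or line[0] in "#;":
                continue  # blank line or comment
            start = no
        if line.endswith("\\"):
            pending.append(line[:-1].strip())  # continued on the next line
            continue
        # Simplification (assumption): continued pieces are joined with one space.
        logical = " ".join(pending + [line])
        pending = []
        if logical.startswith("[") and logical.endswith("]"):
            section = logical[1:-1].strip().lower()
        elif "=" in logical:
            name, value = logical.split("=", 1)
            yield section, normalize(name), value.strip(), start

def find_username_map_script(text):
    """Return [(section, value, line_no)] where the option has a non-empty value."""
    return [(s, v, n) for s, k, v, n in parse_smb_conf(text) if k == RISKY and v]

if __name__ == "__main__":
    for section, value, line_no in find_username_map_script(SAMPLE_SMB_CONF):
        print(f"line {line_no} [{section}]: username map script = {value}")
```

Any hit means the server hands client-supplied usernames to an external script; removing the option, or upgrading Samba where it is genuinely needed, closes that path.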