Delivering a payload with metasploit


Delivering a payload with metasploit

Post by ampakine on Sun Aug 14, 2011 11:15 pm

Sorry if this is the wrong forum, couldn't find a more suitable one. I wanna learn how to use metasploit so I installed an exploitable version of a program on a Windows 7 VM so I can exploit it. I'm not too sure how to do it though. First I set the exploit to an exploit for the particular old version of the program I installed. In this case it's an exploit for an old version of flash player for IE I think. Then I set LHOST to myself, RHOST to the victim and LPORT and RPORT to 4321. I then set the payload to windows/meterpreter/reverse_tcp. I typed "exploit" and hit enter but rather than opening up the meterpreter shell it told me "server started" or something. Does that mean it's a passive exploit which will only run if I point the victim's browser to the server IP?

Anyhow I pointed the victim browser to the server's IP but rather than a meterpreter shell being opened, this is what the console said:
[-] 192.168.1.24:49529 Unknown user-agent

192.168.1.24 is the victim's IP but I don't know whether this means the exploit worked or not.
ampakine
Experienced User

Posts: 65
Joined: Tue May 31, 2011 5:21 pm
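Added example, not part of the thread or of Metasploit itself: the post sets LHOST to the attacker machine and LPORT to 4321 and picks windows/meterpreter/reverse_tcp. A reverse_tcp payload makes the victim open the TCP connection back to LHOST:LPORT, so on the wire it looks like a workstation starting an outbound session to an unusual port. The script below parses constructed connection-log lines (the format, the 192.168.1.5 listener address and the port allowlist are all assumptions) and flags that pattern, which is the defender-side view of what the original poster was trying to set up.

```python
"""Flag outbound connections that look like a reverse_tcp callback.

Constructed example: the log format, the listener 192.168.1.5 and the
allowlist are assumptions, not data from the thread or from Metasploit.
"""

import ipaddress
from dataclasses import dataclass

# Ports a workstation is normally expected to reach; anything else is worth a look.
EXPECTED_PORTS = {80, 443, 53, 88, 135, 389, 445}

# Constructed sample log: "timestamp src_ip:src_port -> dst_ip:dst_port state"
SAMPLE_LOG = """\
2011-08-14T23:10:01 192.168.1.24:49512 -> 192.168.1.10:80 established
2011-08-14T23:10:03 192.168.1.24:49529 -> 192.168.1.5:4321 established
2011-08-14T23:10:05 192.168.1.24:49530 -> 8.8.8.8:53 established
2011-08-14T23:10:09 192.168.1.31:50010 -> 192.168.1.5:4321 established
"""


@dataclass(frozen=True)
class Conn:
    ts: str
    src: str
    sport: int
    dst: str
    dport: int


def parse_line(line: str) -> Conn:
    """Parse one record of the constructed log format into a Conn."""
    ts, src, _arrow, dst, _state = line.split()
    src_ip, src_port = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return Conn(ts, src_ip, int(src_port), dst_ip, int(dst_port))


def parse_log(text: str) -> list[Conn]:
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def is_internal(ip: str) -> bool:
    return ipaddress.ip_address(ip).is_private


def suspicious_callbacks(conns, allowed_ports=EXPECTED_PORTS):
    """Connections where an internal host reaches out to a port not in the allowlist.

    A reverse_tcp payload is initiated by the victim, so the victim is the
    source and LHOST:LPORT is the destination.
    """
    return [c for c in conns if is_internal(c.src) and c.dport not in allowed_ports]


def callback_listeners(conns, allowed_ports=EXPECTED_PORTS):
    """Group flagged connections by destination endpoint.

    Several distinct internal sources hitting the same odd port on one host is
    the shape a single handler listening on LHOST:LPORT produces.
    """
    listeners: dict[tuple[str, int], set[str]] = {}
    for c in suspicious_callbacks(conns, allowed_ports):
        listeners.setdefault((c.dst, c.dport), set()).add(c.src)
    return listeners


if __name__ == "__main__":
    for (host, port), sources in callback_listeners(parse_log(SAMPLE_LOG)).items():
        print(f"{host}:{port} reached by {len(sources)} internal host(s): {sorted(sources)}")
```

Run against the embedded sample it reports one listener, 192.168.1.5:4321, contacted by two internal hosts; the port-80 and DNS records pass the allowlist and are ignored. In a real deployment the allowlist would come from the environment's baseline rather than a hard-coded set.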


Re: Delivering a payload with metasploit

Post by centip3de on Sun Aug 21, 2011 8:07 pm

ampakine wrote:Sorry if this is the wrong forum, couldn't find a more suitable one. I wanna learn how to use metasploit so I installed an exploitable version of a program on a Windows 7 VM so I can exploit it. I'm not too sure how to do it though. First I set the exploit to an exploit for the particular old version of the program I installed. In this case it's an exploit for an old version of flash player for IE I think. Then I set LHOST to myself, RHOST to the victim and LPORT and RPORT to 4321. I then set the payload to windows/meterpreter/reverse_tcp. I typed "exploit" and hit enter but rather than opening up the meterpreter shell it told me "server started" or something. Does that mean it's a passive exploit which will only run if I point the victim's browser to the server IP?

Anyhow I pointed the victim browser to the server's IP but rather than a meterpreter shell being opened, this is what the console said:
[-] 192.168.1.24:49529 Unknown user-agent

192.168.1.24 is the victim's IP but I don't know whether this means the exploit worked or not.


If it exploits something that is on the browser, I would assume that it would be a BROWSER EXPLOIT. But, I'll leave this here.
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
centip3de
Moderator

Posts: 1423
Joined: Fri Aug 20, 2010 5:46 pm


Re: Delivering a payload with metasploit

Post by ampakine on Thu Sep 01, 2011 10:57 pm

I've been googling for a long time now but cannot find sufficient info on metasploit and exploits/payloads. The tutorials around just give you instructions on how to run a specific exploit but don't explain anything. What I'm looking for is a tutorial that explains things in detail. For example a tutorial I followed which instructed me to use one of those browser exploits didn't explain what was going on at all so being a noob I didn't even know what was being exploited, how it was being exploited, what the payload does (they say it opens up a meterpreter shell but I don't know what that means) and what the purpose of running that particular payload is.

I know that a specific payload can only be run with certain exploits but what determines this? For example I've observed the meterpreter payload being run after various exploits in the tutorials I've read but what makes meterpreter compatible with those particular exploits? Is it specific classes of exploits (i.e. buffer overflows) that allow specific payloads to be run? What exactly does meterpreter do? I've read that it opens a shell plenty of times but does that mean it opens a shell to the kernel of the machine running the program? For example say I exploit flashplugin-nonfree on a Fedora computer and run the meterpreter payload, does that mean it will open up a shell which I can run Linux commands on?
ampakine
Experienced User

Posts: 65
Joined: Tue May 31, 2011 5:21 pm
