
Exploit a Windows 2000 machine using the Metasploit framework from a Kali Linux machine.



When the Windows 2000 machine came into public use, many vulnerabilities were identified, a large number of them in the IIS services. Many attacks came from remote sources over the internet, and there were critical flaws due to weak encryption methods.
This article describes how vulnerabilities in Windows 2000 are identified using Nessus and then exploited using Metasploit on a Kali machine. To do it I am using my main operating system (OS), Kali, and a Windows 2000 virtual machine. The IP addresses of both machines should be in the same range to ensure they are on the same network, so the network adapter of the Windows virtual machine was set to bridged mode.


Check the IP of Kali using ifconfig



Check the IP of Windows using ipconfig
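The "same network" check above is done by eye in the post. The following is an added example (not part of the original post) that parses the ifconfig and ipconfig output of both machines and verifies that the two addresses fall in the same subnet, including the case where the masks differ. The interface output strings are constructed samples modelled on what the two tools print, and the addresses in them are assumptions.

```python
import ipaddress
import re

# Constructed sample output, modelled on what `ifconfig` prints on Kali.
KALI_IFCONFIG = """\
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.8.105  netmask 255.255.255.0  broadcast 192.168.8.255
        ether 08:00:27:12:34:56  txqueuelen 1000  (Ethernet)
"""

# Constructed sample output, modelled on what `ipconfig` prints on Windows 2000.
WIN_IPCONFIG = """\
Windows 2000 IP Configuration

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 192.168.8.110
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.8.1
"""

IPV4 = r"(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})"


def parse_ifconfig(text):
    """Return (ip, netmask) of the first IPv4 interface in Linux ifconfig output."""
    m = re.search(r"inet " + IPV4 + r"\s+netmask " + IPV4, text)
    if not m:
        raise ValueError("no IPv4 address found in ifconfig output")
    return m.group(1), m.group(2)


def parse_ipconfig(text):
    """Return (ip, netmask) of the first adapter in Windows ipconfig output."""
    m_ip = re.search(r"IP Address[ .]*: " + IPV4, text)
    m_mask = re.search(r"Subnet Mask[ .]*: " + IPV4, text)
    if not (m_ip and m_mask):
        raise ValueError("no IPv4 address/mask found in ipconfig output")
    return m_ip.group(1), m_mask.group(1)


def same_subnet(ip_a, mask_a, ip_b, mask_b):
    """True only if both interfaces describe the same network (address AND mask)."""
    net_a = ipaddress.ip_interface(f"{ip_a}/{mask_a}").network
    net_b = ipaddress.ip_interface(f"{ip_b}/{mask_b}").network
    return net_a == net_b


def check_lab_network(ifconfig_text, ipconfig_text):
    """Combine the two parsers: are the Kali and Windows VMs on one subnet?"""
    kali_ip, kali_mask = parse_ifconfig(ifconfig_text)
    win_ip, win_mask = parse_ipconfig(ipconfig_text)
    return same_subnet(kali_ip, kali_mask, win_ip, win_mask)


if __name__ == "__main__":
    print("same subnet:", check_lab_network(KALI_IFCONFIG, WIN_IPCONFIG))
```

A mismatch between the masks (for example /16 on one side and /24 on the other) makes the check fail even when the first three octets agree, which is exactly the situation where a bridged adapter is set on one VM and NAT on the other.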



Then the Nessus vulnerability scanner is used to find the available vulnerabilities in Windows 2000. Start the Nessus server:
sudo service nessusd start 


Now open the Nessus web interface in the browser by going to https://127.0.0.1:8834

Log in to the Nessus server. (The scanning plugins are only available if you registered the server with an invitation code.)

Select New Scan → select Advanced Scan → enter the name of the scan and the victim machine's IP → Save.



After the scan is ready, click Launch to start scanning the Windows machine.

Scanning is finished once the vulnerability report has been generated.

To see the critical vulnerabilities, click on the section ranked as mixed.

Afterward, select one vulnerability and note down its vulnerability number; it is used to search Metasploit below.
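Picking the finding by hand in the web interface works for one host, but a defender triaging the same report usually wants the critical and high findings listed with their plugin IDs and CVE references. The following is an added example (not from the original post or from Nessus itself) that parses an exported .nessus (v2) report and ranks the findings by severity. The XML fragment is a constructed sample; the plugin IDs, plugin names and CVE-0000-000x values in it are placeholders, not real identifiers.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Nessus severity codes as used in the ReportItem "severity" attribute.
SEVERITY_NAMES = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed .nessus v2 fragment. Plugin IDs, names and CVE numbers are placeholders.
SAMPLE_NESSUS = """\
<NessusClientData_v2>
  <Report name="win2000-lab">
    <ReportHost name="192.168.8.110">
      <ReportItem port="445" protocol="tcp" svc_name="cifs" pluginID="900001"
                  pluginName="Constructed critical SMB finding" severity="4">
        <risk_factor>Critical</risk_factor>
        <cve>CVE-0000-0001</cve>
      </ReportItem>
      <ReportItem port="80" protocol="tcp" svc_name="www" pluginID="900002"
                  pluginName="Constructed high IIS finding" severity="3">
        <risk_factor>High</risk_factor>
        <cve>CVE-0000-0002</cve>
        <cve>CVE-0000-0003</cve>
      </ReportItem>
      <ReportItem port="139" protocol="tcp" svc_name="smb" pluginID="900003"
                  pluginName="Constructed medium finding" severity="2">
        <risk_factor>Medium</risk_factor>
      </ReportItem>
      <ReportItem port="0" protocol="tcp" svc_name="general" pluginID="900004"
                  pluginName="Constructed informational finding" severity="0">
        <risk_factor>None</risk_factor>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>
"""


def load_findings(xml_text):
    """Flatten every ReportItem of every host into a dict, most severe first."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            findings.append({
                "host": host.get("name"),
                "plugin_id": int(item.get("pluginID")),
                "name": item.get("pluginName"),
                "severity": int(item.get("severity", "0")),
                "port": f"{item.get('port')}/{item.get('protocol')}",
                "cves": [c.text.strip() for c in item.findall("cve") if c.text],
            })
    findings.sort(key=lambda f: (-f["severity"], f["plugin_id"]))
    return findings


def critical_findings(findings, min_severity=3):
    """Keep only findings at or above the given severity (default: High and Critical)."""
    return [f for f in findings if f["severity"] >= min_severity]


def severity_summary(findings):
    """Count findings per severity name, e.g. Counter({'Critical': 1, ...})."""
    return Counter(SEVERITY_NAMES[f["severity"]] for f in findings)


def format_finding(f):
    """One-line summary with the plugin ID and any CVE references."""
    cves = ", ".join(f["cves"]) or "no CVE"
    return (f"[{SEVERITY_NAMES[f['severity']]}] {f['host']} {f['port']} "
            f"plugin {f['plugin_id']}: {f['name']} ({cves})")


if __name__ == "__main__":
    all_findings = load_findings(SAMPLE_NESSUS)
    print(dict(severity_summary(all_findings)))
    for finding in critical_findings(all_findings):
        print(format_finding(finding))
```

The plugin ID and CVE references printed for each finding are the identifiers to record and to track through patching; in a real report the same script works on the file exported from the scan's Export → Nessus option.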



The Metasploit framework has built-in exploits for known vulnerabilities, so here Metasploit is used to exploit the victim's Windows machine. Before starting, the Metasploit framework, the apache2 server, and the PostgreSQL database need to be started:

sudo service apache2 start
sudo service postgresql start


To exploit the Windows 2000 machine, the Metasploit console is needed, so type:
msfconsole


Search for an available exploit for the particular vulnerability:
search <vulnerability name or number>

Use the exploit to get the attack shell:
use <exploit name (matching module)>

To see the options for the attack:
show options


Then set the target IP to exploit:
set RHOST <IP address>


Finally, type exploit in the msf console:
exploit

Now we have access to the Windows machine. Type pwd to see the current directory.



To get a Windows command shell, type the following in the Meterpreter session:
execute -f cmd.exe -i -H


From here on, commands can be executed on the Windows 2000 machine to carry out several tasks.



