Metasploit

Grandpa

Dec 31, 2020 TJNull's List Windows Metasploit

Introduction: The “grandpa” is an easy windows machine with a CVE exploit using metasploit. Since the machine is very old, its also vulnerable to many other exploits that you can chose from for the privilege escalation at the end. The key takeaways for me were Based on the CVE you are exploiting, determine …

Devel

Dec 23, 2020 TJNull's List Windows IIS Metasploit

Introduction: This is a windows machine running IIS server, FTP service and presents few exploitable vulnerabilities. Its a very easy machine and I avoided using metasploit to work on this machine as I want to avoid/limit the usage as much as possible keeping the OSCP in mind. Recon Nmap output 1Nmap scan report for …

Blue

Dec 21, 2020 TJNull's List Metasploit Windows

Introduction: Recon 1# nmap -sS -sV -sC -T4 -oN nmap.blue.txt 10.10.10.40 2Starting Nmap 7.91 ( https://nmap.org ) at 2020-12-21 20:24 EST 3Nmap scan report for 10.10.10.40 4Host is up (0.015s latency). 5Not shown: 991 closed ports 6PORT STATE SERVICE VERSION 7135/tcp open msrpc Microsoft Windows RPC 8139/tcp open …

Granny

Dec 10, 2020 TJNull's List Metasploit Windows

Introduction: The “granny” is a windows box and very similar to the “grandpa” box in terms of the exploits and privesc. You will be exploiting an IIS CVE to gain initial access to the machine, then migrate your process and use one of the many possible exploits to do a privilege escalation. Recon …