The Ethical Hacker Network - Video: DCOM Attack with Metasploit's Meterpreter

Latest Additions

EH-Net Login

Welcome Guest.

Lost Password?

No account yet? Register

Who's Online
We have 45 guests and 1 member online

EH-Net News Feeds
Latest Additions

You are here: Home

Columns

Gates

Video: DCOM Attack with Metasploit's Meterpreter

del.icio.us

Discuss in Forums

(5)

Follow along as we perform the following hack:

Use the MSF 2.6 Web Interface to exploit a host with the DCOM exploit.
Explore the Meterpreter payload and its various options.
Upload Pwdump2 to dump the SAM hashes then delete the evidence. Alternatively we could have loaded the SAM module and used that to dump the hashes.

From the Metasploit Project:

The Meterpreter is an advanced multi-function payload that can be dynamically extended at run-time. In normal terms, this means that it provides you with a basic shell and allows you to add new features to it as needed. Please refer to the Meterpreter documentation for an in-depth description of how it works and what you can do with it. The Meterpreter Manual can be found in the "docs" subdirectory of the Framework as well as online.

Enjoy and keep an eye out for future videos. Feel free to post comments and suggestions for future videos.

Thanks,
Chris Gates

< Prev		Next >

[ Back ]

Global Knowledge Training: Build Security Skills to Protect and Defend

Offensive Security
AWE Live in the Caribbean!
March 5 - 9, 2012

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format! Coupon Code: Refer_EHN Including SANS Phoenix 2012, SANS 2012

Recent Forum Topics

Calendar Of Events : ROOTCON 6 (0) by don
Links to cool sites. : The InterN0T Forums are back! (13) by vp75
Network Pen Testing : Where and how to gain knowledge? (25) by pharmerjoe
Security : Overview of New CISSP Domains Effective January 1, 2012 (1) by shaqazoolu
Network Pen Testing : Packet Capture on Cisco Router (1) by 3xban
News from the Outside World : VeriSign Hacked Several Times, Won't Reveal the Details (0) by don
Web Applications : Some questions as usual ? (1) by dynamik
Calendar Of Events : CarolinaCon 8 (1) by SephStorm
Links to cool sites. : IRC Channels (11) by Jamie.R
Network Pen Testing : choice of university (0) by pushaaaz
Hadnagy : [Article]-Top 5 Tips To Make Social Engineering Your Career (9) by lorddicranius
Forensics : Printer history (4) by TheInvisible
OSCP - Offensive Security Certified Professional : Hardware for OSCP (3) by j0rDy
Calendar Of Events : WorldToor (0) by don
Calendar Of Events : ToorCamp 2012 (0) by don
Calendar Of Events : HOPE Number Nine (0) by don
News Items and General Discussion About EH-Net : [Article]-February 2012 Free Giveaway Sponsor - Global Knowledge (3) by 3xban
Programming : Open source security projects to participate in? (7) by 3xban
Compliance, Regulations & Standards : InfoSec Clauses to be included in SLAs (1) by dynamik
Tools : Combining Wordlists (4) by Jamie.R
Calendar Of Events : BSidesSanFrancisco 2012 (2) by lorddicranius
Calendar Of Events : DEF CON 20 (1) by dynamik
Calendar Of Events : DerbyCon 2.0 - The Reunion (1) by dynamik
Calendar Of Events : SecureWorld Expo Boston 2012 (0) by don
Looking For Work : looking for a summerjob (0) by pushaaaz
Calendar Of Events : HITBSecConf 2012 - Amsterdam (0) by don
Calendar Of Events : OWASP AppSec DC 2012 (0) by don
Calendar Of Events : OWASP AppSec Research 2012 (0) by don
Calendar Of Events : OWASP AppSec Asia 2012 (0) by don
Web Applications : Please help me with PHP injection(Some command not working) (11) by MaXe
Book Reviews : Recomended book for Pen Tester (29) by MaXe
Calendar Of Events : BSidesChicago 2012 (0) by don
General Certification : Is it true? (5) by dynamik
Calendar Of Events : BSidesLondon 2012 (0) by don
Calendar Of Events : BSidesIowa 2012 (0) by don
Calendar Of Events : BSidesPHX 2012 (0) by don
Calendar Of Events : Notacon 9 (0) by don
Network Pen Testing : Capture the Flag competitions (14) by seanuk
Tutorials : Securitytube Metasploit videos (11) by Jamie.R
Security : SANS security courses too expensive? (15) by lorddicranius
Programming : Joe McCray Python for Security Professionals (6) by lorddicranius
Calendar Of Events : RSA Conference 2012 (1) by don
Network Pen Testing : SEC709: Developing Exploits for Penetration Testers and Security Researchers (2) by pharmerjoe
Other : You... Shmoo? (Meet-up Thread) (7) by tturner
Web Applications : Best tools for non-intrusive scans (16) by eyenit0
Looking For Work : Help me with my Resume (4) by dear_hacker
Other : Third party VPN services question? (8) by dynamik
Social Engineering : Email engineering (10) by nytfox
Web Applications : How to test if website is writable (13) by nytfox
Web Applications : Red flags for a website's security? (7) by nytfox

Try CBT Nuggets Free!