Video: DCOM Attack with Metasploit’s Meterpreter

| October 4, 2006

Active Image
Active Image del.icio.us

Discuss in Forums {mos_smf_discuss:Gates}

Follow along as we perform the following hack:

  • Use the MSF 2.6 Web Interface to exploit a host with the DCOM exploit.
  • Explore the Meterpreter payload and its various options.
  • Upload Pwdump2 to dump the SAM hashes then delete the evidence. Alternatively we could have loaded the SAM module and used that to dump the hashes.

From the Metasploit Project:

The Meterpreter is an advanced multi-function payload that can be dynamically extended at run-time. In normal terms, this means that it provides you with a basic shell and allows you to add new features to it as needed. Please refer to the Meterpreter documentation for an in-depth description of how it works and what you can do with it. The Meterpreter Manual can be found in the "docs" subdirectory of the Framework as well as online. 

Enjoy and keep an eye out for future videos. Feel free to post comments and suggestions for future videos.

Thanks,
Chris Gates

Category: Gates

Comments are closed.