Exploit The XP SP3

from the other duty that I get, I think this is the most difficult. Exploit the win xp sp3. I don't have any idea how I must start. When in the class the assistant does not explain what must to do. he only say use the nessus to gather information and catch something vulnerable. And then use the exploitdb.

Ok to the point aja... to start the nessus as we know that nessus walk on 8834 port so just type in the address bar https://localhost:8834 wait for a while and login using the username and password that we was enter before.

Ok after we enter the right username and password we will enter the nessus page like picture bellow.

On the picture above choose scan so we will make a new project scaner and just enter the add button

enter the name of our project type etc just like picture bellow and click launch scan

after we press Launch scan, the scan will began and wait until the process done.

 Se that the scan get six high result that we can exploit. On it. To see the detail just double click on it. And if we wanna see the detail just click and nessus will tells us the detail

if we click so will show detail like picture bellow

using nessuss done. It's time to use the meta exploit or exploit db honestly until now to many question about how to use the exploit?? how.. how.. and how....?? I try to ask google some help but I did not get the right answer.

Omg Alhamdulilahirobilalamin.. puji tuhan thanks god masyaallah at least I understand how to use it... emh.... now 21.11 at 02 februari 2012.. I know.. I know.. I know...

after round-round (puter-puter) and searching searching at least I understand. Ok do not to many talk we directly go to the case. We found MS09-001 just search in the meta exploit.

eh... before do that first we must enter to the meta exploit first by typing msfconsole

and we will enter to the meta-exploit console and then type search ms09-001 remember that ms09-001 is the clue that we get from the nessus scan. Ok not to many talk just see our detail picture bellow

based picture above we know that there some exploit found. Nah... this is the big question that I have finally break. How to use this exploit?????? it's simply just type

use auxiliary/dos/windows/smb/ms09_001_write

 the next step is set the rhost by typing rhost 192.168.43.128. remember that our target is 192.168.43.128 and pres enter. The next step is type exploit.

Binggo and what the result?? the result is the win_xp sp3 in virtual box restart. I dificult to proof it in the blog but this picture bellow can Represented it.

I wanna try another bug. We found six bug right :D :D :D the next bug is MS08_067

oh my god I found some think new on it.. I found meterpreter and I don't know what must to do with it.

Whoooooooooohohohohohohoho.... What I have found??

I try to use ls command and I get all directory in the windows. Nice it is very nice..... Thank to god...

that is all my experience to night... this is not the end bu this is the beginning. it is my first experience and will be my best experience. I'l never forget how happy I'm... I always say Alhamdulilahiroibbil alamin... puji kepada tuhanku Allah SWT tuhan sekalian alam...