Exploiting services using exploit-db scripts
In this recipe we are going to exploit the Windows SMB service ms08_067 using exploit code outside the Metasploit framework. A pentester often relies on Metasploit for his\her pentesting activities, however it is important to understand that these are custom scripts that are run and take a dynamic input of remote host port to connect to and so on. In this recipe, we will see how to tweak a vulnerability script to match our target and exploit it successfully.
Getting ready
For this recipe, we will need to use the vulnerable windows machine we have been testing, and the rest of the tools and scripts that are available in the Kali machine itself.
How to do it...
- Let us first see how to use
searchsploitto ...
Get Kali Linux Intrusion and Exploitation Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
