Statement before class:
1. This sharing is only for learning exchanges, please consciously abide by laws and regulations!
2. Search: Kali and programming, learn more online*** dry goods!
3. Kali and programming are updated on time every day, please learn and pay attention!
Text part
1. Background introduction
Metasploit is a vulnerability framework. Its full name is The Metasploit Framework, or MSF for short. As the most popular tool in the world, Metasploit is not only because of its convenience and power, but also because of its framework. It allows users to develop their own vulnerability scripts for testing. So how to use Metasploit (msf) to blast Mysql weak passwords? Let us study together next!
2. Resource equipment
1. A virtual machine with Kali Linux installed
2. A target machine with a Sql server built;
3. A Xiaobai ready to go.
3. Strategic arrangement
3.1 Start the Sql server service in the database server, as shown in the figure below.
3.2 Open the TCP/IP service in the database software, as shown in the figure below.
3.3 Turn off the firewall of the Windows target machine, as shown in the figure below.
Steps: Open the firewall settings page/close the firewall/OK
3.4 Check the IP address of the victim's target machine, as shown in the figure below.
Command: ipconfig
3.5 Use the "nmap" tool in Kali to collect information, as shown in the figure below.
Command: nmap -sV 192.168.0.101
3.6 The scan result of the target host is shown in the figure below.
Port: 49156 Protocol: TCP Service: ms-sql-s Version: Server 2008 R2
3.7 Open the Metasploit (msf)*** framework in silent mode to collect information on the target host, as shown in the figure below.
Command: msfconsole -q
3.8 Use the *** test framework to scan the target host service for vulnerabilities, as shown in the figure below.
Command: search mssql_ping
3.9 Use the retrieved vulnerability exploit module, as shown in the figure below.
3.10 Set relevant *** parameters and run *** module, as shown in the figure below.
Command: set rhosts 192.168.0.101
Command: run
3.11 Organize the scanned information to facilitate the actual combat in the next chapter.
Hard work and originality, every time you comment, like and follow, it is our continuous creative motivation! You can also search: Kali and programming, learn more Kali Linux *** and white hat programming skills!
Click me to learn more Kali Linux*** testing and network*** practical skills!