White hat *** teach Kali Linux: the original database password can be compromised like this auxiliary article

Enterprise 2020-10-24 14:12:09 views: null

Statement before class:
1. This sharing is only for learning exchanges, please consciously abide by laws and regulations!
2. Search: Kali and programming, learn more online*** dry goods!
3. Kali and programming are updated on time every day, please learn and pay attention!
Text part
1. Background introduction
Metasploit is a vulnerability framework. Its full name is The Metasploit Framework, or MSF for short. As the most popular tool in the world, Metasploit is not only because of its convenience and power, but also because of its framework. It allows users to develop their own vulnerability scripts for testing. So how to use Metasploit (msf) to blast Mysql weak passwords? Let us study together next!
2. Resource equipment
1. A virtual machine with Kali Linux installed
2. A target machine with a Sql server built;
3. A Xiaobai ready to go.
3. Strategic arrangement
3.1 Start the Sql server service in the database server, as shown in the figure below.
Insert picture description here

3.2 Open the TCP/IP service in the database software, as shown in the figure below.
Insert picture description here

3.3 Turn off the firewall of the Windows target machine, as shown in the figure below.
Steps: Open the firewall settings page/close the firewall/OK
Insert picture description here

3.4 Check the IP address of the victim's target machine, as shown in the figure below.
Command: ipconfig
Insert picture description here

3.5 Use the "nmap" tool in Kali to collect information, as shown in the figure below.
Command: nmap -sV 192.168.0.101
Insert picture description here

3.6 The scan result of the target host is shown in the figure below.
Port: 49156 Protocol: TCP Service: ms-sql-s Version: Server 2008 R2
Insert picture description here

3.7 Open the Metasploit (msf)*** framework in silent mode to collect information on the target host, as shown in the figure below.
Command: msfconsole -q
Insert picture description here

3.8 Use the *** test framework to scan the target host service for vulnerabilities, as shown in the figure below.
Command: search mssql_ping
Insert picture description here

3.9 Use the retrieved vulnerability exploit module, as shown in the figure below.
Insert picture description here

3.10 Set relevant *** parameters and run *** module, as shown in the figure below.
Command: set rhosts 192.168.0.101
Command: run
Insert picture description here

3.11 Organize the scanned information to facilitate the actual combat in the next chapter.

Hard work and originality, every time you comment, like and follow, it is our continuous creative motivation! You can also search: Kali and programming, learn more Kali Linux *** and white hat programming skills!
Click me to learn more Kali Linux*** testing and network*** practical skills!

Guess you like

Origin blog.51cto.com/14308022/2543157
Recommended
TIOBE May list: Fortran “resurrected” into Top 10
GCC 14.1 released
Ranking
B. Little Girl and Game【1300 / 回文字符串 博弈论】
CIKERS Shane 20190613
"Javascript advanced programming" study notes - the constructor and prototype
beeline hiveserver2 start
springboot - Automatically backup mysql data every day
Data Storage Full Solution--Detailed Persistence Technology
Detailed Explanation of Spring Web MVC DispatcherServlet—Official Original
TCP / IP protocol layers structure and function
Command type literal pos: unknown; Fallback type literal pos: unknown] with root cause
Design of multifunctional curtain controller with indoor anti-theft alarm
Daily
More
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)

Code World

© 2018 codetd.com