Name Current Setting Required Description Module options (exploit/unix/misc/distcc_exec): We can now see the available settings with the options command: msf5 exploit(unix/misc/distcc_exec) > options To load the module, type use followed by the full path of the module: msf5 > use exploit/unix/misc/distcc_exec # Name Disclosure Date Rank Check DescriptionÄ exploit/unix/misc/distcc_exec excellent Yes DistCC Daemon Command Execution We can search for the exploit using the search command: msf5 > search distcc ![]() Unfortunately, this version of the program allows a remote attacker to execute arbitrary commands on the server. Metasploitable contains a vulnerable service called distccd, which is used to distribute program compilation across multiple systems, speeding things up by taking advantage of combined processor power. ***rting the Metasploit Framework console.\ Type msfconsole in the terminal to launch it. The first thing we need to do is get a session with low privileges on the target. You can set up or use a similar pentesting lab - or the same one - to follow along with the guide below. To run through the process, we're using Kali Linux as the attacking machine and Metasploitable 2 as the target. ![]() We could go the manual route, but like always, Metasploit makes it easy to perform local privilege escalation and get root with its exploit suggester module. Now what? Privilege escalation is a vast field and can be one of the most rewarding yet frustrating phases of an attack. So you've managed to get a shell on the target, but you only have measly low-level privileges.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |