Saturday, August 5, 2017

Vulnerable OS - Windows 2000


Key Tool Used:-  nmap
                               DB exploit
                               Nessus


Turn on the windows 2000 and kali linux on a virtual environment.

1).find the IP address of win2000 machine
Run->cmd

Type ipconfig


2).find the IP address of kali linux
Run->cmd
Type ifconfig
And
Start Nessus


3) So for our first scan we have to go to the Scan Templates tab
Select new scan.(using Nessus tool)


4) If you go to the Result tab you in there you can see the scan populate in real time ;The vulnerabilities are broken down into categories related to the severity of the vulnerability

Purple-critical
Red-High
Orange-Medium
Green-low
Grey-Information


5) This report will shows vulnerabilities that can be exploited.



Now we can exploit the vulnerabilities
To start metasploit open a terminal, start by initializing the database and the web server.







Vulnerabilities

  •      MS06-040

    Now I’m in msfconsole now I can search vulnerability to exploit the windows server.






We are in; I got the screen shot in windows server 2000 using this vulnerability




  •  MS03-026:Microsoft RPC Interface Buffer Overrun(823980)







  • MS04-011 Security update for Microsoft windows (835732)






Thankyou!
If any concern you are feel free to comment :)
B/R
Pamoda P. Perera
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)