Windows Exploit Development Basics
Next, we configure the multihandler to listen to connections on port 1337:
As soon as we execute this exploit code, we have a command shell on the victim’s machine:
Generating Metasploit Module
We can easily use mona to generate a Metasploit module for our exploit code. For this to work, we need to generate a pattern with mona and then use our skeleton to send the pattern to our program. To generate a pattern of 700 characters, use the following command:
!mona pc 700
Upon execution, the program would be paused inside the debugger, and then we run the following command to suggest a module:
Command:
!mona suggest -cpb "\x00\x0a\x0d"
Next, it will ask what type of exploit skeleton to build; since FTP runs on TCP, we would
choose network client (tcp).
Ethical Hacking and Penetration Testing Guide
Next, it will ask for the port on which the FTP server is running; this value would be fed into lport, which we can change later.
Once you click “Ok”, it will automatically generate a Metasploit module for you; however, to make it work, you still need to make a few edits to the code. We can see that the code already has the bad characters \x00\x0a\x0d due to the cpb option we defined.
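Why the 700-character pattern and the -cpb list matter during crash triage, as an added Python example (not code from the book or from mona): every 4-byte window of a cyclic pattern is unique, so the value found in a register maps back to one input offset. The function names and the sample register value are constructed, and the upper/lower/digit scheme is assumed to match the pattern mona produces.

```python
import string
import struct

BAD_CHARS = b"\x00\x0a\x0d"  # the bytes passed to -cpb on this page


def pattern_create(length):
    """Return `length` chars of the cyclic pattern Aa0Aa1Aa2... (max 20280)."""
    triples = []
    for upper in string.ascii_uppercase:
        for lower in string.ascii_lowercase:
            for digit in string.digits:
                triples.append(upper + lower + digit)
                if len(triples) * 3 >= length:
                    return "".join(triples)[:length]
    raise ValueError("pattern is only unique up to 20280 characters")


def pattern_offset(pattern, register_value):
    """Offset of a 32-bit little-endian register value in the pattern, or -1."""
    needle = struct.pack("<I", register_value)
    return pattern.encode("ascii").find(needle)


def bad_chars_in(data, bad=BAD_CHARS):
    """Sorted list of excluded byte values that occur in `data`."""
    return sorted(set(data) & set(bad))


if __name__ == "__main__":
    pattern = pattern_create(700)
    crash_value = 0x37684136  # constructed sample: bytes "6Ah7" read little-endian
    print("offset:", pattern_offset(pattern, crash_value))
    print("bad chars in pattern:", bad_chars_in(pattern.encode("ascii")))
    print("bad chars in 'USER x\\r\\n':", bad_chars_in(b"USER x\r\n"))
```

The pattern is purely alphanumeric, so it contains none of the excluded bytes: \x0a and \x0d end an FTP command line and \x00 ends a C string, which is why input containing them would be cut short before reaching the vulnerable copy.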