How to Exploit Windows XP using Metasploit and Nessus ~ Information Technology Security Blog

Friday, January 27, 2012

How to Exploit Windows XP using Metasploit and Nessus

9:01 AM 1 comment

In this tutorial we use Windows XP in Virtual Machine. We assumed that we have known the IP target. Here the onnection between Windows XP as target and LInux...

Picture 1. IP Linux : 192.168.1.144

Picture 2. IP Windows: 192.168.1.145

Picture 3. Checking Windows Connection in LInux

Picture 4. Checking LInux Connection in Windows

Now, we try to analyze the vulnerability of the target using Nesus. So, open Nessus, Click tab scan, click add.

Then write name of the case, type : Run Now, Policy : Internal Network Scan, Scan Target : (Fill this with IP target in this case is 192.168.1.145), then cluck Launch Scan.

Picture 5. Adding Scan Target

You can see the list of Vulnerabiity.

Picture 6. Adding Scan Target

To make it more focus in exploiting, you can filter it by clicking "Show Filter". Then check "Exploits Exist"

Picture 7. Filters

Now we have less number of vulnerability, click it...

Picture 8. The list of port of filtering vulnerability

You will see picture 9.

Picture 9. The list of filtering vulnerability

We have two kind of vulnerabilities in port 445, choose the high severity one. You will see the detail information e.g. about description and solution of the vulnerability, See the header in the plugin name : MS08-067..., we will use this number for metasploit.