This result was expected although undesirable, given the results in my earlier posts.

Result: Blue screen of death on host when using Metasploit in virtual machine to send specially crafted packets to host's internal IP to try to crash it using vulnerability in MS12-020.

This result was expected, since Windows 7 Firewall was using Public network location.

Result: No apparent effect on host when using Metasploit in virtual machine to send specially crafted packets to host's internal IP to try to crash it using vulnerability in MS12-020.

Test #1: virtual machine uses Bridged Adapter

I installed Metasploit in a virtual machine. This image uses Windows 7 Firewall with network location=Public (the most restrictive location). I restored an older image of my host, one that is vulnerable to MS12-020.

Note: I disabled a few Windows services in my host, so your results may differ from mine.

I did a further test on this.

I also verified with Hercules that data sent from inside the virtual machine was indeed received by host.

You can use CurrPorts to see what processes these ports correspond to:

135: C:\Windows\system32\svchost.exe (services RpcEptMapper, RpcSs)
49153: C:\Windows\system32\svchost.exe (services AudioSrv, Dhcp, eventlog, lmhosts, wscsvc)
49154: C:\Windows\system32\svchost.exe (services AeLookupSvc, Appinfo, EapHost, gpsvc, IKEEXT, iphlpsvc, LanmanServer, ProfSvc, Schedule, seclogon, SENS, ShellHWDetection, Themes, Winmgmt, wuauserv)
49156: C:\Windows\system32\lsass.exe (services EFS, KeyIso, SamSs)

Subtracting these "phantoms" leaves these open ports on the host reachable from the virtual machine:

Here are the open ports listed in an Nmap TCP port scan (all ports tested) of a non-existent host from inside a virtual machine that uses NAT mode:

Here are the open ports listed in an Nmap TCP port scan (all ports tested) of the host (Win 7 x64) from inside a virtual machine that uses NAT mode: