I have recently been studying post-exploitation. First experiment: obtaining an ordinary session.
Virtual machine experimental environment:
1. Kali
2. Win7
Experimental steps:
1. Open the msfconsole console in the kali terminal
2. Enter the listening module
3. Open another terminal (Shift+Ctrl+T) and check the IP address of the machine
4. Use msfvenom to make a Trojan horse.
Description:
-p the payload. Generally speaking, the payload is used to establish a stable connection between the target machine and the attack machine, and it can return a shell
-e encoding method
-i number of encoding iterations
-b values to avoid in the generated program
-f exe generates output in exe format
-a the system architecture; it needs to be the same as your attacking machine system: a 32-bit operating system uses x86, a 64-bit operating system uses x64
--platform the platform; choose windows
-p windows/meterpreter/reverse_tcp the reverse ("bounce") connection payload
lhost is the listening host, that is, the IP address of Kali
lport is the listening port
5. Pass the Trojan to the target host
Here, use python -m SimpleHTTPServer 800 to start an HTTP service that provides a file-browsing web page on port 800
6. Open the target machine win7, enter the address to download the Trojan horse and save it on the desktop.
There will be an echo during the downloading process
7. Return to the interface from step 2 and set the listening host
8. View the configuration
You can see that the setting is complete
9. Run
10. Open the msf.exe Trojan file in win7 and check the msf console again.
You can see the session.
11. Check the session. If it is a meterpreter session at this point, enter background to return to msf exploit(multi/handler)
So now we have an ordinary session. After this I will continue to update, moving on to privilege escalation.
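Seen from the monitoring side, steps 5 to 10 leave a recognisable sequence: an executable fetched from Python's built-in file server, then a connection from the same host back to the same address on another port. The following is an added example, not code from the original post, that correlates the two over constructed log records; the field names, addresses, timestamps and ports are assumptions.

```python
# Added example: constructed records; field names are hypothetical.
from datetime import datetime, timedelta

HTTP_EVENTS = [  # constructed HTTP proxy log records
    {"ts": "2020-11-05T10:01:12", "src": "192.0.2.20", "dst": "192.0.2.10",
     "port": 800, "uri": "/msf.exe", "server": "SimpleHTTP/0.6 Python/2.7.18"},
    {"ts": "2020-11-05T10:02:40", "src": "192.0.2.21", "dst": "198.51.100.7",
     "port": 443, "uri": "/setup.exe", "server": "nginx"},
]
CONN_EVENTS = [  # constructed outbound TCP connection records
    {"ts": "2020-11-05T10:03:30", "src": "192.0.2.20", "dst": "192.0.2.10", "port": 5555},
    {"ts": "2020-11-05T10:04:00", "src": "192.0.2.21", "dst": "198.51.100.7", "port": 443},
    {"ts": "2020-11-05T11:30:00", "src": "192.0.2.20", "dst": "192.0.2.10", "port": 22},
]
EXEC_EXT = (".exe", ".dll", ".scr")
WINDOW = timedelta(minutes=10)

def is_adhoc_exe_download(ev):
    """True if an executable was fetched from Python's built-in file server."""
    path = ev["uri"].split("?", 1)[0].lower()
    # Both SimpleHTTPServer (Python 2) and http.server (Python 3) send this banner.
    return path.endswith(EXEC_EXT) and ev["server"].startswith("SimpleHTTP/")

def correlate(http_events, conn_events, window=WINDOW):
    """Pair each suspicious download with later connections from the same
    host back to the same server on a different port, within `window`."""
    findings = []
    for h in filter(is_adhoc_exe_download, http_events):
        t0 = datetime.fromisoformat(h["ts"])
        for c in conn_events:
            delay = datetime.fromisoformat(c["ts"]) - t0
            if ((c["src"], c["dst"]) == (h["src"], h["dst"])
                    and c["port"] != h["port"]
                    and timedelta(0) <= delay <= window):
                findings.append({"host": h["src"], "server": h["dst"],
                                 "file": h["uri"], "callback_port": c["port"],
                                 "delay_s": int(delay.total_seconds())})
    return findings

if __name__ == "__main__":
    for f in correlate(HTTP_EVENTS, CONN_EVENTS):
        print(f)
```

The Server banner and the time window are heuristics; tune both against normal traffic before alerting on them.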
Origin blog.csdn.net/bring_coco/article/details/109519024