1. Manual exploitation of SAMBA usermap script vulnerability
Samba connects to the target machine with the vulnerability.
Set up the monitor module. And set the payload to run after setting parameters for cmd/unix/reverse
, and then use sambaclient to connect to the target machine.
2. Manual use of vsftpd2.3.4
smbusermap reinforcement method:
vim /etc/samba/smb.conf
注释:username map script = /etc/samba/scripts/mapusers.sh
vsftpd reinforcement method;
vim /etc/vsftpd.conf
将local_enable = YES改为local_enable=NO