Multiple Windows privilege escalation methods in Metasploit

Author: pwn_361  Source: 51CTO  Published: 2016-12-21

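Introduction

When you carry out operations on a victim's machine, you may find that some of them are denied. To gain full control of the victim machine you need to get around these restrictions and obtain privileges you did not originally have. Those privileges can be used to delete files, view private information, or install special programs such as viruses. Metasploit has many post-exploitation methods that can be used to bypass privilege restrictions on the target machine and ultimately obtain system privileges.

Environment:

1. Attacking machine: Kali Linux

2. Target machine: Win 7

The methods listed below assume that a meterpreter shell has already been obtained, that its session is 1, and that it does not yet have system privileges:

1. Privilege escalation by bypassing UAC

This method mainly uses the following 3 modules.

Detailed information on the modules above is already available within Metasploit, so it is not repeated here; this section only covers how to use them, taking the exploit/windows/local/bypassuac module as the example.

This module works on both 32-bit and 64-bit Windows.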

msf > use exploit/windows/local/bypassuac 
msf exploit(bypassuac) > set session 1
msf exploit(bypassuac) > exploit

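When this module runs successfully it returns a new meterpreter shell, as shown below.

After the module succeeds, running getuid shows that the session still has ordinary user privileges. Don't be discouraged: go on to run getsystem and check the privileges again. UAC has been bypassed and the session now has system privileges.

The other two modules are used in the same way as above, although they work on different principles. When they succeed, both return a new meterpreter shell, and both still need getsystem to be run to obtain system privileges. As shown below:

exploit/windows/local/bypassuac_injection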
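
A defender-side check related to the UAC bypass section above, added here as an example (it is not code from the original article or from Metasploit): it parses `reg query` output for the UAC policy key and flags settings weaker than "Always notify", since the default level lets Windows binaries elevate without a prompt. The sample output and the function names are constructed for illustration.

```python
import re

# Constructed sample (not from the article): output of
#   reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
# on a host left at the default UAC level.
SAMPLE_DEFAULT = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
    ConsentPromptBehaviorAdmin    REG_DWORD    0x5
    EnableLUA    REG_DWORD    0x1
    PromptOnSecureDesktop    REG_DWORD    0x1
"""

DWORD_LINE = re.compile(
    r"^[ \t]+(\w+)[ \t]+REG_DWORD[ \t]+(0x[0-9a-fA-F]+)[ \t]*\r?$", re.M)


def parse_reg_query(text):
    """Map value name -> int for every REG_DWORD line of `reg query` output."""
    return {name: int(raw, 16) for name, raw in DWORD_LINE.findall(text)}


def audit_uac(values):
    """Return (severity, message) findings for the UAC policy values."""
    lua = values.get("EnableLUA")
    admin = values.get("ConsentPromptBehaviorAdmin")
    if lua is None or admin is None:
        return [("unknown", "EnableLUA or ConsentPromptBehaviorAdmin missing from input")]
    if lua == 0:
        return [("high", "EnableLUA=0: UAC is disabled, nothing is left to bypass")]
    findings = []
    if admin == 0:
        findings.append(("high", "ConsentPromptBehaviorAdmin=0: admins elevate with no prompt"))
    elif admin == 5:
        findings.append(("medium", "ConsentPromptBehaviorAdmin=5 (default): Windows binaries "
                                   "elevate silently; set 2 for 'Always notify'"))
    if values.get("PromptOnSecureDesktop") != 1:
        findings.append(("medium", "PromptOnSecureDesktop is not 1: the consent prompt is "
                                   "not shown on the secure desktop"))
    return findings


if __name__ == "__main__":
    for severity, message in audit_uac(parse_reg_query(SAMPLE_DEFAULT)):
        print(f"[{severity}] {message}")
```

An empty result means the host prompts on the secure desktop for every elevation; day-to-day use of a standard (non-administrator) account remains the stronger control.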

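2. Raising the program's run level (runas)

This method uses the exploit/windows/local/ask module. The module does not bypass UAC: it simply relaunches a reverse-connecting shellcode with high privileges, which triggers the system's UAC. The victim machine shows a prompt asking the user whether to run the program, and if the user chooses "yes", a high-privilege meterpreter shell is returned (getsystem still has to be run). As shown below:

The UAC dialog pops up on the victim machine, asking the user whether to run the program. As shown below:

3. Privilege escalation using Windows privilege escalation vulnerabilities

The privilege escalation exploits already included in Metasploit can be used, such as ms13_053, ms14_058, ms16_016 and ms16_032. The example below uses ms14_058.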

msf > use exploit/windows/local/ms14_058_track_popup_menu
msf exploit(ms14_058_track_popup_menu) > set session 1
msf exploit(ms14_058_track_popup_menu) > exploit

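When escalating through a Windows privilege escalation vulnerability, a high-privilege meterpreter shell is returned directly, and there is no need to run the getsystem command afterwards.

Note: in real testing, if the target machine does have the vulnerability but the escalation fails, check that your TARGET and PAYLOAD are set correctly. On a 64-bit system it is best to use a 64-bit PAYLOAD.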

   