OSCP Learning Notes - Post Exploitation(4)
Pivoting
1. Edit the virtual network settings of the Vmware.
2. Set the Network Adapter(s) of Kali Linux, IE8-Win7 and Kioptrix Level 1 as showed in the following screenshoots.
The Kali Linux should only talk to IE8-Win7 machine, and can not talk to Kioptrix Level 1.
The Kioptrix Level 1 should only talk to IE8-Win7 machine, and can not talk to Kali Linux.
3.Confirm the IP addresses of the Vmware machines.
The IP address of Kali Linux is 10.1.10.129.
There are two IP addresses of IE8-Win7, one is 192.168.134.128 and the other one is 10.1.10.128.
The IP address of Kioptrix Level 1 is 192.168.134.2.
4.Set the Java Security Panel on IE8-Win7 to Medium and add the IP of Kali to the Exception site list.
5. Use setoolkit and metasploit to exploit the target server.
Open Issue:https://github.com/trustedsec/social-engineer-toolkit/issues/593
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
5. Try to see the routes.
run autoroute -p
ipconfig
arp -a
netstat -ano
route
run autoroute -s 192.168.134.0/
run autoroute -p
6. Start the Metasploit and choose proper module.
use auxiliary/scanner/portscan/tcp
show options
set ports 139
set rhosts 192.168.134.131
Run the exploit now.
When exiting the session, we can not scan the target server now...
最新文章
- iOS 实现转盘的效果
- C# WinForm应用程序降低系统内存占用方法
- Culcurse
- ABP入门系列(6)——展现层实现增删改查
- 软件工程 speedsnail 第二次冲刺4
- web开发下的各种下载方法
- Linux C enum
- BZOJ2301: [HAOI2011]Problem b 莫比乌斯反演
- 【Android平台安全方案】の #00-请不要在外部存储(SD卡)加密存储的敏感信息
- Jquery Ajax 保存
- 小知识点-ios跳过app store更新版本
- Linux CentOS7 安装 Mysql5.7.19
- V7000数据恢复(存储文件系统损坏)案例_北亚数据恢复
- Spark MLlib KMeans 聚类算法
- java中String的final类原因
- 目标检测方法——R-FCN
- HDU5532 Almost Sorted Array(最长上升子序列 or 瞎搞个做差的数组)
- SQL 复习笔记 MSSQL篇
- MySQL使用全文索引(fulltext index)---高性能
- awk(gawk)