• 周一. 8月 15th, 2022

5G编程聚合网

5G时代下一个聚合的编程学习网

热门标签

OSCP Security Technology

admin

11月 28, 2021

OSCP Security Technology – Java Applet Attack

Prepare a target virtual machine – IE11 on Win 7.

Set the security level of IE to low, and add a exception to Java security tab.

image-20210807182801043

image-20210807182826250

sudo setoolkit
Exploit Steps
S1 -> Choose option 1 ) Social-Engineering Attacks
S2 -> Choose option 2) Website Attack Vectors
S3 -> Choose option 1) Java Applet Attack Method
S4 -> Choose option 2) Site Cloner
S5 -> Set exploit parameters
S6 -> Choose payload type 1) Meterpreter Memory Injection (DEFAULT)
S7 -> Set payload parameters

image-20210807205654281

image-20210807205730178

image-20210807205805208

image-20210807205836802

image-20210807205952027

image-20210807210029872

When visit http://192.168.2.26 from Win 7, a session should established.

After established a session, we can do many things though meterpreter.

image-20210807211623485

But I encountered the following problem, which has not yet been solved.

Cannot import src.core.setcore when launching set interactive shell in Python3 environment.

image-20210807211606473

相信未来 – 该面对的绝不逃避,该执著的永不怨悔,该舍弃的不再留念,该珍惜的好好把握。

发表回复

您的电子邮箱地址不会被公开。