OSCP Security Technology - Java Applet Attack

OSCP Security Technology - Java Applet Attack

Prepare a target virtual machine - IE11 on Win 7.

Set the security level of IE to low, and add a exception to Java security tab.

OSCP Security Technology - Java Applet Attack

OSCP Security Technology - Java Applet Attack

sudo setoolkit
Exploit Steps
S1 -> Choose option 1 ) Social-Engineering Attacks
S2 -> Choose option 2) Website Attack Vectors
S3 -> Choose option 1) Java Applet Attack Method
S4 -> Choose option 2) Site Cloner
S5 -> Set exploit parameters
S6 -> Choose payload type 1) Meterpreter Memory Injection (DEFAULT)
S7 -> Set payload parameters

OSCP Security Technology - Java Applet Attack

OSCP Security Technology - Java Applet Attack

OSCP Security Technology - Java Applet Attack

OSCP Security Technology - Java Applet Attack

OSCP Security Technology - Java Applet Attack

OSCP Security Technology - Java Applet Attack

When visit http://192.168.2.26 from Win 7, a session should established.

After established a session, we can do many things though meterpreter.

OSCP Security Technology - Java Applet Attack

But I encountered the following problem, which has not yet been solved.

Cannot import src.core.setcore when launching set interactive shell in Python3 environment.

OSCP Security Technology - Java Applet Attack

上一篇:Hive分桶


下一篇:关于Vue中main.js通常定义的东西、项目中的全局配置等等