Shulou(Shulou.com)06/03 Report--

This article mainly explains "what is the process of intranet penetration". Interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Let Xiaobian take you to learn "what is the process of intranet penetration"!

I. Description of vulnerability exploitation

The experiment was done in a virtual machine environment using the penetration tool library metaspolit

The requested URL/uploads/windows/fileformat/office_word_hta was not found on this server.

For operating systems:

Windows 7 32bit

Windows 10 64bit

II. Environment Description 2.1 Attack Machine Operating System

Recommended use:

Debian

Ubuntu

macOS

Kali linux(comes with tools)

Windows 10

Software/Tools Environment:

Metaspolit

2.2 attacked aircraft environment

Belongs to internal local area network

3.1 Open metaspolit

3.2 The requested URL/windows/fileformat/office_word_hta was not found on this server.

3.3 run

3.4 Link after victim enters Local IP

Click Run.

3.5 Generate sessions at metaspolit using generated files

3.6 viewing sessions

Executing the sessions command in the middle of a running session can reveal that the target attacker is already in the session

3.7 to elevate the attack aircraft.

Connect to the first session using the sessions -i ID number based on the ID number generated by the session above.

Use shell to raise power

You can see that you have been granted super administrator privileges.

Windows 10 test can also get super administrator privileges.

IV. protective measures

For individual users:

Install antivirus software without ads (such as tinder, etc.), and see unknown files do not click download or run, if automatically downloaded do not click run, delete directly will not establish a session.

v. conclusion

This vulnerability appears to be easy to exploit for Windows personal users who are less secure.

At this point, I believe everyone has a deeper understanding of "what is the process of intranet penetration". It is advisable to actually operate it. Here is the website, more related content can enter the relevant channels for inquiry, pay attention to us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.