OSCP Security Technology

OSCP Security Technology - Java Applet Attack

Prepare a target virtual machine - IE11 on Win 7.

Set the security level of IE to low, and add a exception to Java security tab.

image-20210807182801043

image-20210807182826250

sudo setoolkit
Exploit Steps
S1 -> Choose option 1 ) Social-Engineering Attacks
S2 -> Choose option 2) Website Attack Vectors
S3 -> Choose option 1) Java Applet Attack Method
S4 -> Choose option 2) Site Cloner
S5 -> Set exploit parameters
S6 -> Choose payload type 1) Meterpreter Memory Injection (DEFAULT)
S7 -> Set payload parameters

image-20210807205654281

image-20210807205730178

image-20210807205805208

image-20210807205836802

image-20210807205952027

image-20210807210029872

When visit http://192.168.2.26 from Win 7, a session should established.

After established a session, we can do many things though meterpreter.

image-20210807211623485

But I encountered the following problem, which has not yet been solved.

Cannot import src.core.setcore when launching set interactive shell in Python3 environment.

image-20210807211606473

相信未来 - 该面对的绝不逃避,该执著的永不怨悔,该舍弃的不再留念,该珍惜的好好把握。
【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/keepmoving1113/p/15113307.html