Pivoting

1. Edit the virtual network settings of the Vmware.

2. Set the Network Adapter(s) of Kali Linux, IE8-Win7 and Kioptrix Level 1 as showed in the following screenshoots.

The Kali Linux should only talk to IE8-Win7 machine, and can not talk to Kioptrix Level 1.

The  Kioptrix Level 1 should only talk to IE8-Win7 machine, and can not talk to Kali Linux.

3.Confirm the IP addresses of the Vmware machines.

The IP address of Kali Linux is 10.1.10.129.

There are two IP addresses of IE8-Win7, one is 192.168.134.128 and the other one is 10.1.10.128.

The IP address of Kioptrix Level 1 is 192.168.134.2.

4.Set the Java Security Panel on IE8-Win7 to Medium and add the IP of Kali to the Exception site list.

5. Use setoolkit and metasploit to exploit the target server.

Open Issue:https://github.com/trustedsec/social-engineer-toolkit/issues/593

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

5. Try to see the routes.

run autoroute -p

ipconfig

arp -a

netstat -ano

route

run autoroute -s 192.168.134.0/

run autoroute -p

6. Start the Metasploit and choose proper module.

use auxiliary/scanner/portscan/tcp
show options
set ports 139
set rhosts 192.168.134.131

Run the exploit now.

When exiting the session,  we can not scan the target server now...

OSCP Learning Notes - Post Exploitation(4)的更多相关文章

  1. OSCP Learning Notes - Post Exploitation(2)

    Windows Post Exploitation Target Server: IE8-Win 7 VM 1. Download and upload the fgdump, PwDump7, wc ...

  2. OSCP Learning Notes - Post Exploitation(1)

    Linux Post Exploitation Target Sever: Kioptrix Level 1 1. Search the payloads types. msfvenom -l pay ...

  3. OSCP Learning Notes - Post Exploitation(3)

    Post-Exploit Password Attacks 1. Crack using the tool - john (Too slow in real world) Locate the roc ...

  4. OSCP Learning Notes - WebApp Exploitation(5)

    Remote File Inclusion[RFI] Prepare: Download the DVWA from the following website and deploy it on yo ...

  5. OSCP Learning Notes - WebApp Exploitation(4)

    Local File Inclusion[LFI] Target Pentester Lab: Download from the following website: https://www.vul ...

  6. OSCP Learning Notes - WebApp Exploitation(3)

    SQL Injection[SQLi] Refrence: SQL Injection Authentication Bypass Cheat Sheet https://pentestlab.blo ...

  7. OSCP Learning Notes - WebApp Exploitation(2)

    Cross-Site Scripting(XSS) 1. Using the tool - netdiscover to find the IP of target server. netdiscov ...

  8. OSCP Learning Notes - WebApp Exploitation(1)

    Installing XSS&MySQL FILE Download the Pentester Lab: XSS and MySQL FILE from the following webs ...

  9. OSCP Learning Notes - Overview

    Prerequisites: Knowledge of scripting languages(Bash/Pyhon) Understanding of basic networking concep ...

随机推荐

  1. SQL去掉重复数据

    SELECT vc_your_email,vc_our_ref_or_code INTO #tmp FROM( SELECT vc_your_email,vc_our_ref_or_code,ROW_ ...

  2. Quartz.Net系列(七):Trigger之SimpleScheduleBuilder详解

    所有方法图 1.SimpleScheduleBuilder RepeatForever:指定触发器将无限期重复. WithRepeatCount:指定重复次数 var trigger = Trigge ...

  3. int与Integer的区别(基本类型与复杂类型的对比)转

    基本类型,或者叫做内置类型,是JAVA中不同于类的特殊类型. Java中的简单类型从概念上分为四种:实数.整数.字符.布尔值.但是有一点需要说明的是,Java里面只有八种原始类型,其列表如下: 实数: ...

  4. Git执行"git rebase -i HEAD~xxx"报错:git rebase fatal: Needed a single revision invalid upstream –i

    一.问题"git rebase -i HEAD~xxx"是修改git 历史记录的一个很有用的命令. 但是有时在执行该命令时会出现以下错误:$ git rebase –i HEAD~ ...

  5. JavaWeb网上图书商城完整项目--day02-28.查询所有分类功能之left页面使用Q6MenuBar组件显示手风琴式下拉菜单

    首先页面去加载的时候,会去加载main.js文件,我们在加载left.jsp.top.jsp body.jsp,现在我们修改main.jsp的代码,让它去请求的时候去访问的是不在直接去访问left.j ...

  6. js基础练习题(3)

    8.this 1.举例说说apply方法和call方法的作用和区别 2.读下面代码,写程序结果 function identify () { return this.name.toUpperCase( ...

  7. 【树形dp】Bzoj 1040骑士

    Description Z国的骑士团是一个很有势力的组织,帮会中汇聚了来自各地的精英.他们劫富济贫,惩恶扬善,受到社会各界的赞扬.最近发生了一件可怕的事情,邪恶的Y国发动了一场针对Z国的侵略战争.战火 ...

  8. 第三方 CSS 并不安全

    最近一段时间,关于 通过 CSS 创建 “keylogger”(键盘记录器) 的讨论很多. 有些人呼吁浏览器厂商去“修复”它.有些人则深入研究,表示它仅能影响通过类 React 框架建立的网站,并指责 ...

  9. 深度学习论文翻译解析(九):Spatial Pyramid Pooling in Deep Convolutional Networks for Visual Recognition

    论文标题:Spatial Pyramid Pooling in Deep Convolutional Networks for Visual Recognition 标题翻译:用于视觉识别的深度卷积神 ...

  10. URL编码与二次encodeURI

    转自:http://foryougeljh.iteye.com/blog/1456706 一般来说,URL只能使用英文字母.阿拉伯数字和某些标点符号,不能使用其他文字和符号.比如,世界上有英文字母的网 ...