June 2020
Intermediate to advanced
423 pages
7h 58m
Chinese
Content preview from Kali Linux学习手册
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
178
|
第
5
章
如果在其他地方没有找到漏洞,你可以编译或运行
Kali
预装的程序。如果它
是
C
程序,则需要预先编译它。所有脚本语言都可以直接按照原样运行。
Metasploit
Metasploit
是一个漏洞利用开发框架。它是
15
年前由
HD Moore
开发的,并
且最初是用
Perl
脚本语言编写的,尽管它已经完全用
Ruby
语言重新实现。
Metasploit
背后的理念是让漏洞利用的构建更容易。该框架基本上是由组件库
组成。它们可以导入到你创建的执行漏洞利用或其他功能的脚本中,比如编
写扫描程序。
要在
Metasploit
中使用的脚本包括
Metasploit
中包含的模块,这些脚本还可
以从
Metasploit
其他模块实现类继承功能。为了让读者对它有一个感性认识,
示例
5-8
展示了在
Windows
系统上运行
Apache Web
服务器上进行漏洞利用
而编写的脚本。
示例
5-8
:
Ruby
漏洞利用脚本的部分代码片段
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Exploit::Remote
Rank = GoodRanking
HttpFingerprint = { :pattern => [ /Apache/ ] }
include ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.