安装cobalt strike踩坑记录
2019年11月07日安装cobalt strike踩坑记录
yum -y installed|grep java //检查已安装java版本 yum -y remove java* //卸载已安装的java *表示版本 yum -y list java* //查看yum源中的java版本 yum -y install java-1.8.0* //安装java 1.8.0 yum install java -y //安装java
yum list|grep zip/unzip //获取安装列表 yum install unzip //安装unzip 输入y确认 yum install zip //安装zip 输入y确认 unzip wenjianming.zip //解压文件 unzip wenjianming.zip -d /root/wenjinaming 解压文件到指定目录
iptables -L -n //查看本机开放的端口 iptables -F //清除预设表filter中所有规则链的规则 iptables -X // 清楚预设表filter中使用者自定链中的规则 iptables -A INPUT -p tcp --dport 80 -j ACCEPT //开启80端口 cp /etc/iptables.rules /etc/iptables.rules.bak 备份防护墙规则 iptables -A INPUT -p tcp --dport 22 -j ACCEPT //开放22端口 iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT service iptables status 查看防火墙状态 service iptables save 保存防火墙 service iptables restart 重启防火墙 service iptables stop 停止防火墙 chkconfig iptables off 永久关闭防火墙 /etc/init.d/iptables restart 重新启动防火墙 防火墙规则 [root@domain]# cat /etc/sysconfig/iptables # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 50050 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 4431 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
./teamserver 12.12.12.115 password //前台运行 nohup ./teamserver 12.12.12.115 password & //后台运行
// 安装metasploit curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall && \ chmod 755 msfinstall && \ ./msfinstall https://zhuanlan.zhihu.com/p/32267558 https://klionsec.github.io/2017/09/23/cobalt-strike/ https://www.jianshu.com/p/8d823adbc6b5
防火墙规则
防火墙规则 # Generated by iptables-save v1.4.21 on Tue Dec 12 19:04:20 2017 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [89:5886] -A INPUT -i lo -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 23 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 43 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 4343 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 18388 -j ACCEPT -A INPUT -p icmp -m limit --limit 100/sec --limit-burst 100 -j ACCEPT -A INPUT -p icmp -m limit --limit 1/s --limit-burst 10 -j ACCEPT COMMIT # Completed on Tue Dec 12 19:04:20 2017 # Generated by iptables-save v1.4.21 on Tue Dec 12 19:04:20 2017 *nat :PREROUTING ACCEPT [7:336] :INPUT ACCEPT [5:252] :OUTPUT ACCEPT [37:2565] :POSTROUTING ACCEPT [37:2565] #-A PREROUTING -d 47.52.146.79/32 -p tcp -m tcp --dport 4300 -j DNAT --to-destination 1.8.108.67:43 #-A POSTROUTING -d 1.8.108.67/32 -p tcp -m tcp --dport 43 -j SNAT --to 47.52.146.79 COMMIT # Completed on Tue Dec 12 19:04:20 2017