20192427 李睿智 2021-2022-2《网络与系统攻防技术》实验六实验报告(20192427 Li Ruizhi 2021-2022-2 experimental report of Experiment 6 of network and system attack and Defense Technology)

20192427 李睿智 2021-2022-2 《网络与系统攻防技术》 实验六实验报告

  • 20192427 李睿智 2021-2022-2 《网络与系统攻防技术》 实验六实验报告一,实验内容及要求
  • 一,实验内容及要求

一,实验内容及要求

本实践目标是掌握metasploit的基本应用方式,重点常用的三种攻击方式的思路。具体需要完成:
1.1一个主动攻击实践,尽量使用最新的类似漏洞;

1.2 一个针对浏览器的攻击,尽量使用最新的类似漏洞;

1.3 一个针对客户端的攻击,如Adobe或office,尽量使用最新的类似漏洞;

1.4 成功应用任何一个辅助模块。

以上四个小实践可不限于以上示例,并要求至少有一个是和其他所有同学不一样的,否则扣除1分。

实验准备
1,了解什么是MSF

  • Metasploit就是一个漏洞框架。它的全称叫做The Metasploit Framework,简称MSF。是一个免费、可下载的框架,通过它可以很容易地获取、开发并对计算机软件漏洞实施攻击。它本身附带数2000多个已知软件漏洞的专业级漏洞攻击工具。
————————

20192427 Li Ruizhi 2021-2022-2 experimental report of Experiment 6 of network and system attack and Defense Technology

  • 20192427 Li Ruizhi 2021-2022-2 network and system attack and defense technology experiment VI experiment report I, experiment contents and requirements
  • 1、 Experiment contents and requirements

1、 Experiment contents and requirements

The goal of this practice is to master the basic application methods of Metasploit, focusing on the ideas of three commonly used attack methods. Specific needs to be completed:
1.1 an active attack practice and try to use the latest similar vulnerabilities;

1.2 a browser attack, try to use the latest similar vulnerabilities;

1.3 for an attack against the client, such as adobe or office, try to use the latest similar vulnerabilities;

1.4 successfully apply any auxiliary module.

The above four small practices can not be limited to the above examples, and at least one of them is different from all other students, otherwise 1 point will be deducted.

< strong > experimental preparation < / strong >
1. Understand what MSF is

  • Metasploit is a vulnerability framework. Its full name is called the Metasploit framework, or MSF for short. Is a free and downloadable framework, which can easily obtain, develop and attack computer software vulnerabilities. It comes with a number of professional vulnerability attack tools with more than 2000 known software vulnerabilities.