metasploit中Payload的reverse_tcp和bind_tcp的区别
2014-04-19 16:40
645 查看
reverse_tcp和bind_tcp这两者的执行过程可以大致理解为以下内容:
[reverse_tcp]
attacker -> [contact me at the port 4444] -> victim
after the payload is executed
attacker <-> [port 4444] <-> victim
[bind_tcp]
attacker -> [open the way for me in the port 4444] -> victim
after execution
attacker <-> [port 4444] <-> victim
reverse_tcp:攻击机设置一个端口(LPORT)和IP(LHOST),Payload在测试机执行连接攻击机IP的端口,这时如果在攻击机监听该端口会发现测试机已经连接。
bind_tcp:攻击机设置一个端口(LPORT),Payload在测试机执行打开该端口,以便攻击机可以接入。
采用reverse的方法一般较为安全,因为是在测试机连接攻击机,所以一般不会被防火墙发现;而bind在测试机打开端口时很容易被安全软件和防火墙发现。
官方文档对bind_tcp和reverse_tcp的说明:
Reverse TCP
The reverse TCP handler is provided by the Msf::Handler::ReverseTcp class. It will listen on a port for incoming connections and will make a call into handle
connection with the client sockets as they do.
Bind TCP
The bind TCP handler is provided through Msf::Handler::BindTcp. It will attempt to establish a connection to a target machine on a given port (specified in LPORT). If a connection is established, a call is made into handle connection passing along the socket
associated with the connection.
未完待补充……
[reverse_tcp]
attacker -> [contact me at the port 4444] -> victim
after the payload is executed
attacker <-> [port 4444] <-> victim
[bind_tcp]
attacker -> [open the way for me in the port 4444] -> victim
after execution
attacker <-> [port 4444] <-> victim
reverse_tcp:攻击机设置一个端口(LPORT)和IP(LHOST),Payload在测试机执行连接攻击机IP的端口,这时如果在攻击机监听该端口会发现测试机已经连接。
bind_tcp:攻击机设置一个端口(LPORT),Payload在测试机执行打开该端口,以便攻击机可以接入。
采用reverse的方法一般较为安全,因为是在测试机连接攻击机,所以一般不会被防火墙发现;而bind在测试机打开端口时很容易被安全软件和防火墙发现。
官方文档对bind_tcp和reverse_tcp的说明:
Reverse TCP
The reverse TCP handler is provided by the Msf::Handler::ReverseTcp class. It will listen on a port for incoming connections and will make a call into handle
connection with the client sockets as they do.
Bind TCP
The bind TCP handler is provided through Msf::Handler::BindTcp. It will attempt to establish a connection to a target machine on a given port (specified in LPORT). If a connection is established, a call is made into handle connection passing along the socket
associated with the connection.
未完待补充……
相关文章推荐
- How to hack windows 8 using kali linux
- Metasploit使用教程
- BT5下的metasploit更新
- metasploit msgrpc c++实现远程过程调用
- 初探BeEF
- 初探Metasploit的自动攻击
- ubuntu12.04下安装Metasploit
- 学习编写Metasploit的exploit模块
- centos 6.4安装metasploit
- OpenVAS in Metasploit
- Metasploit之webshell提权
- Set+Metasploit+Ettercap渗透欺骗拿Shell 推荐
- metasploit获取shell之后进一步利用!metasploit+sessions
- 在BT5里Metasploit内网渗透(exploit/windows/smb/psexec)
- 在BackTrack下基于MS08-067漏洞的渗透
- BT5运行update、upgrade后不能运行msf的解决方法(msf升级至4.8)
- Metasploit 下的口令猜测与嗅探
- Backtrack5 网络漏洞攻击工具 Metasploit
- 保护win系统不受metasploit攻击措施
- Metasploit渗透工具的应用 推荐