基于MSF平台下的内存密码破解新思路

Based on the MSF flat memory password cracking new ideas

本文讲述利用metasploit缓冲区溢出工具包和MIMIKATZ工具搭配组建典型内网系统攻击新模型,从而简化内网攻击流程、提高内网渗透攻击效率的方法。按照传统的攻击手法对于内网系统的网络攻击有很多,比如口令嗅探、arp欺骗、网络设备密码暴力猜测,或者是针对内部web服务器进行"注入-进后台-拿webshell"等的思路。

This paper tells use metasploit buffer overflow kit and MIMIKATZ tool collocation form typical connection system against the new model,soas to simplify the connection attack process improve the connection infiltration attack efficiency of the method. According to the traditional attack technique for the connection system network attacks have many, such as password snifter, the arp decept on; network equipment password violence guess,or is for internal web server ＂＇injection - into background.take webshe ＂and so on the train of thought.