1. 環(huán)境及軟件

CentOS 7

CobaltStrike v2.5

Metasploit v5.0+

2. 程序安裝

舊版安裝程序下載地址

https://github.com/rapid7/metasploit-framework/wiki/Downloads-by-Version

1. 使用安裝腳本安裝MSF

wget https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb

以上下載文件為安裝bash腳本，實(shí)際為檢測(cè)配置安裝環(huán)境，下載安裝程序

# 執(zhí)行安裝腳本> mv msfupdate.erb install-msf.sh> chmod +x install-msf.sh> ./install-msf.sh

2. 測(cè)試安裝完成的MSF

安裝完成的MSF目錄為/opt/metasploit-framework/

執(zhí)行msfconsole查看MSF是否正常

> msfconsole

出現(xiàn)沒有數(shù)據(jù)庫(kù)支持警告，首先創(chuàng)建數(shù)據(jù)庫(kù)連接配置文件

# 內(nèi)容設(shè)置為postgresql數(shù)據(jù)庫(kù)信息，如不明白可不修改> cd /opt/metasploit-framework/embedded/framework/config/> mv database.yml.example database.yml

再次進(jìn)行啟動(dòng)測(cè)試

> msfconsole[-] ***rting the Metasploit Framework console...[-] * WARNING: No database support: could not connect to server: Connection refused Is the server running on host "localhost" (127.0.0.1) and accepting TCP/IP connections on port 5432?could not connect to server: No route to host Is the server running on host "localhost" (::1) and accepting TCP/IP connections on port 5432?[-] ***

這種情況一般是數(shù)據(jù)庫(kù)服務(wù)沒有啟動(dòng)或沒有初始化

3. 初始化數(shù)據(jù)庫(kù)

首先初始化數(shù)據(jù)庫(kù)

> cd /opt/metasploit-framework/bin/> ./msfdb# 不能使用root來初始化數(shù)據(jù)庫(kù)Please run msfdb as a non-root user# 創(chuàng)建賬號(hào)用于初始化數(shù)據(jù)庫(kù)> useradd msf> su msf> ./msfdb......Commands: init initialize the component reinit delete and reinitialize the component delete delete and stop the component status check component status start start the component stop stop the component restart restart the component# 初始化數(shù)據(jù)庫(kù)> ./msfdb initCreating database at /home/msf/.msf4/dbStarting database at /home/msf/.msf4/db...successCreating database usersWriting client authentication configuration file /home/msf/.msf4/db/pg_hba.confStopping database at /home/msf/.msf4/dbStarting database at /home/msf/.msf4/db...successCreating initial database schema......# 創(chuàng)建完成后在msf用戶目錄會(huì)生成一個(gè).msf目錄里面會(huì)有一個(gè)database.yml文件# 退出msf 賬號(hào) 回到 root 賬號(hào)下> cp /home/msf/.msf4/database.yml /opt/metasploit-framework/embedded/framework/config/cp：是否覆蓋"/opt/metasploit-framework/embedded/framework/config/database.yml"？ y

以上過程完成后，msf再次啟動(dòng)測(cè)試正常，數(shù)據(jù)庫(kù)連接正常

4. 啟動(dòng)CobaltStrike

上傳CobaltStrike V2.5.zip到/root/目錄，并解壓

# 在root賬號(hào)下啟動(dòng)CobaltStrike> sudo -E ./teamserver server-IP server-pass [C2-Config-File]> sudo -E ./teamserver 192.168.1.100 test123 c2.profile[*] Generating X509 certificate and keystore (for SSL)Enter source keystore password: #這里輸入證書密碼無(wú)密碼將不顯示Entry for alias cobaltstrike successfully imported.Import command completed: 1 entries successfully imported, 0 entries failed or cancelledWarning:The original keystore "./cobaltstrike.store" is backed up as "./cobaltstrike.store.old"...[*] Starting RPC daemon[*] MSGRPC starting on 127.0.0.1:55554 (NO SSL):Msg...[*] MSGRPC backgrounding at 2019-06-26 20:37:22 +0800...[*] MSGRPC background PID 31738[*] sleeping for 20s (to let msfrpcd initialize)[*] Starting Cobalt Strike Team Server[*] 連接到 [ msf , 1J647h4MPTiz3sR3F5yOS9DOtzdVEz2ZaBNGy1FwWl4= ] 127.0.0.1:5433/msf[*] 使用下面的信息來連接到團(tuán)隊(duì)服務(wù)器： 主機(jī): 192.168.1.100 端口: 55553 用戶: msf 密碼: test123[*] 指紋信息(當(dāng)您連接到團(tuán)隊(duì)服務(wù)的時(shí)候請(qǐng)檢查這串字符): 66fdaeb7c0fe088a14562c5be28ff1f042946bd2[+] 已準(zhǔn)備好接受你或其它客戶端的連接。[+] Beacon 進(jìn)行 [192541 bytes] x86/shikata_ga_nai 編碼耗時(shí) 1868ms[+] 創(chuàng)建 Beacon 為 /var/folders/zz/zyxvpxvq6csfxvn_n0000000000000/T/beacon48744733787608987.dll.enc

啟動(dòng) cobaltstrike.jar 連接服務(wù)端

連接效果如下

總結(jié)

以上是生活随笔為你收集整理的cobaltstrike安装_CobaltStrike + Metasploit 组合安装的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。