0x00 前言

参考Micro8系列第三十二课:https://micro8.gitbook.io/micro8/contents-1/31-40/32-pei-zhi-vps-shang-de-msf

0x01 VPS上安装配置MSF

在实战中,一般都是以VPS为跳板做渗透,而VPS一般又是以Linux居多,因此本次主要以Linux为安装背景。

参考文章是用的Debian。

查看系统信息:

1
2
3
4
5
6
7
8
9
10
11
root@john:~# uname -a
Linux john 3.16.0-7-amd64 #1 SMP Debian 3.16.59-1 (2018-10-03) x86_64 GNU/Linux

root@john:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 8.11 (jessie)
Release: 8.11 Codename: jessie

root@john:~# cat /proc/version
Linux version 3.16.0-7-amd64 (debian-kernel@lists.debian.org) (gcc version 4.9.2 (Debian 4.9.2-10+deb8u1) ) #1 SMP Debian 3.16.59-1 (2018-10-03)

换源:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
root@john:~# nano /etc/apt/sources.list
root@john:~# cat /etc/apt/sources.list
#
# deb cdrom:[Debian GNU/Linux 8.11.0 _Jessie_ - Official amd64 NETINST Binary-1 20180623-13:06]/ jessie main

#deb cdrom:[Debian GNU/Linux 8.11.0 _Jessie_ - Official amd64 NETINST Binary-1 20180623-13:06]/ jessie main

deb http://http.us.debian.org/debian/ jessie main
deb-src http://http.us.debian.org/debian/ jessie main
deb http://security.debian.org/ jessie/updates main
deb-src http://security.debian.org/ jessie/updates main

# jessie-updates, previously known as 'volatile'
deb http://http.us.debian.org/debian/ jessie-updates main
deb-src http://http.us.debian.org/debian/ jessie-updates main
#deb http://http.kali.org/kali kali-rolling main non-free contrib
#deb-src http://http.kali.org/kali kali-rolling main non-free contrib
deb http://http.kali.org/kali kali-rolling main non-free contrib
#deb http://http.kali.org/kali kali-rolling main non-free contrib

更新缓存:

1
2
apt-get update
apt-get upgrade

安装MSF:

1
apt-get install metasploit-framework

问题1——配置SSH:

1
2
3
4
5
6
7
8
apt install ssh
nano /etc/ssh/sshd_config #PasswordAuthentication no //修改yes
#PermitRootLogin yes //修改yes
service ssh start //重启
/etc/init.d/ssh status //验证
update-rc.d ssh enable //添加开机重启
//运行ssh root登录
#PermitRootLogin prohibit-password改为PermitRootLogin yes

问题2——更新源安装vmtools、文件头:

1
2
3
4
5
6
root@john:~# apt-get install open-vm-tools-desktop fuse
root@john:~#apt-cache search linux-headers //安装头文件
root@john:~#apt-get install linux-image-4.9.0-kali3-amd64
root@john:~#apt-get install linux-image-4.9.0 //
root@john:~#apt-get install linux-headers-4.9.0-kali4-amd64 //重启
root@john:~# apt-get install linux-headers-$(uname -r) //kali2.0以后vmtools不需要安装

问题3——安装各种VPN,然后重启网卡即可:

1
apt-get install -y pptpd network-manager-openvpn network-manager-openvpn-gnome network-manager-pptp network-manager-pptp-gnome network-manager-strongswan network-manager-vpnc network-manager-vpnc-gnome

问题4——Kali U盘安装不能挂载:

  1. df -m此时会看到挂载信息,最下面的是/dev/XXX /media,这个是U盘设备挂载到了/media,导致cd-rom不能被挂载。
  2. umount /media上面那个国外的解决方案还要继续mount /dev/XXX /cd-rom,但本机测试不用自己挂载,安装程序会自己挂载。自己挂载反而会引起后面出现GRUB安装失败。
  3. exit退出命令窗口后,返回之前的语言选择,继续安装,现在不会再出现cd-rom无法挂载的情况了,安装顺利完成

在VPS配置并更新好以上源时,按照项目或者任务在安装其他相关工具辅助。当不确定或者对某些工具遗忘时,可如下操作:

1
2
apt-cache search kali-linux
apt-cache show kali-linux-web

安装配置zsh:

1
2
3
4
5
apt-get install zsh
sh -c "\$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"
chsh -s `which zsh` //设置默认为zsh
cat /etc/shells //查看当前安装的shell
echo $SHELL //查看当前使用shells

如果是VPS不建议安装oh-my-zsh,很多国外的VPS延迟较多,这里是配置zsh。

1
wget https://raw.githubusercontent.com/skywind3000/vim/master/etc/zshrc.zsh

把下载的文件复制到~/.zshrc文件里保存,运行zsh即可。头一次运行会安装一些依赖包,稍等两分钟,以后再进入就OK了。

如果不能Tab补全:

1
vim /root/.bashrc

到最后一行添加:

1
2
3
if [ -f /etc/bash_completion ] && ! shopt -oq posix; then 
./etc/bash_completion
fi

为MSF payload安装辅助框架:

1
apt-get install veil-evasion