1. Environment: Kali 2020.3
2. Update the package sources:
vim /etc/apt/sources.list
Note: comment out the original official source entries with #
# USTC (University of Science and Technology of China)
deb http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
# Alibaba Cloud
deb http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
deb-src http://mirrors.aliyun.com/kali kali-rolling main non-free contrib
# Tsinghua University
#deb http://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
#deb-src https://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
# Zhejiang University
#deb http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free
#deb-src http://mirrors.zju.edu.cn/kali kali-rolling main contrib non-free
# Neusoft
#deb http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib
#deb-src http://mirrors.neusoft.edu.cn/kali kali-rolling/main non-free contrib
# Official source
#deb http://http.kali.org/kali kali-rolling main non-free contrib
#deb-src http://http.kali.org/kali kali-rolling main non-free contrib
# Chongqing University
#deb http://http.kali.org/kali kali-rolling main non-free contrib
#deb-src http://http.kali.org/kali kali-rolling main non-free contrib
apt-get update && apt-get upgrade && apt-get dist-upgrade
apt-get clean
reboot
3. Install pip for Python 2
wget https://bootstrap.pypa.io/get-pip.py
python get-pip.py
The steps above prepare the environment, because the Windows-exploit-suggester downloaded from GitHub only runs under Python 2.
4. Download the Windows-exploit-suggester source code:
https://github.com/GDSSecurity/Windows-Exploit-Suggester
Download it and extract it to a folder of your choice.
5. Download the public Microsoft vulnerability database:
https://pypi.python.org/pypi/xlrd
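Place it in the Windows-exploit-suggester folder.
6. The tool compares the target's patches against Microsoft's vulnerability database to work out which patches are missing. The comparison reads an Excel file, so the Python library xlrd must be installed.
Run: pip install xlrd
-- All the resources are now in place --
7. Next, configure the tool:
python windows-exploit-suggester.py --update (if this fails, see the help output below and use -u in place of --update)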
python windows-exploit-suggester.py -h
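8. Using the tool:
python windows-exploit-suggester.py --audit -i win10.txt -d <date-stamped Excel file>
# win10.txt above is the system information of your target machine,
# obtained with: systeminfo > win10.txt
Once you have a webshell on the target Windows 10 machine, or have otherwise compromised it, you can run systeminfo and copy the output out to check its patches.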
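The comparison described in step 6, as an added example written for Python 3 (it is not the tool's own code): it parses the installed hotfix KBs out of systeminfo output and reports which bulletins have no fix installed, which is the same check an administrator runs for patch auditing. The bulletin ids, KB numbers, sample systeminfo text and the simplified supersedence rule are all constructed assumptions.

```python
import re

# Constructed sample of English-locale `systeminfo` output (not from a real host).
SAMPLE_SYSTEMINFO = """\
Host Name:                 LAB-PC
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.19041 N/A Build 19041
Hotfix(s):                 2 Hotfix(s) Installed.
                           [01]: KB9000002
                           [02]: KB9000005
Network Card(s):           1 NIC(s) Installed.
                           [01]: Example Adapter
"""

# Constructed bulletin rows: (bulletin id, fixing KB, affected product, KBs that supersede it).
BULLETINS = [
    ("EX-001", "KB9000001", "Windows 10", ["KB9000002"]),
    ("EX-002", "KB9000003", "Windows 10", []),
    ("EX-003", "KB9000004", "Windows 7", []),
    ("EX-004", "KB9000005", "Windows 10", []),
]

def parse_systeminfo(text):
    """Return (os_name, set of installed KB ids) from systeminfo output."""
    os_name = re.search(r"^OS Name:\s+(.+)$", text, re.M)
    hotfixes, in_hotfix = set(), False
    for line in text.splitlines():
        if line.startswith("Hotfix(s):"):
            in_hotfix = True
        elif in_hotfix and (m := re.match(r"\s+\[\d+\]:\s+(KB\d+)", line)):
            hotfixes.add(m.group(1).upper())
        elif in_hotfix:
            in_hotfix = False          # next top-level field ends the hotfix list
    return (os_name.group(1).strip() if os_name else ""), hotfixes

def missing_bulletins(text, bulletins=BULLETINS):
    """Bulletins that apply to this OS and whose fix (or a superseding fix) is absent."""
    os_name, installed = parse_systeminfo(text)
    missing = []
    for bid, kb, product, superseded_by in bulletins:
        if product.lower() not in os_name.lower():
            continue                   # bulletin is for a different product
        if kb in installed or installed.intersection(superseded_by):
            continue                   # patched directly or by a newer update
        missing.append(bid)
    return missing

if __name__ == "__main__":
    print(missing_bulletins(SAMPLE_SYSTEMINFO))
```
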
In the end, the same folder should contain these items: