Metasploit中Exploit和Payload的区别(图)

2015-9-11 6:02:45 | 浏览:
评论数:0

huo119.com翻译,大意:

Exploit是用来传送Payload的。Exploit相当于运载火箭,Payload相当于弹头。

------英文原文--------

The exploit is what delivers the payload. Take a missile as an analogy. You have the rocket and fuel and everything else in the rocket, and then you have the warhead that does the actual damage. Without the warhead, the missile doesn't do very much when it hits. Additionally, a warhead isn't much use if it goes off in your bunker without a rocket delivering it.

The delivery system(missile) is the exploit and the payload (warhead) is the code that actually does something.

Exploits give you the ability to 'pop a shell/run your payload code'.

Example payloads are things like Trojans/RATs, keyloggers, reverse shells etc.

Payloads are only referred to when code execution is possible and not when using things like denial of service exploits.

Flow chart

Bunker Buster exploitz

编辑:huo119.com

来源:http://security.stackexchange.com/questions/34419/what-is-the-difference-between-exploit-and-payload

发表评论:

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。