Attack Vector Metasploit & Beef
In the scenario this time I will try to exploit the web browser using the beef combined with metasploit.
First I create a web page that I put java.script that would make victims who access this web page will hook into the beef.
First I create a web page that I put java.script that would make victims who access this web page will hook into the beef.
Then go to browse your beef with the address http://127.0.0.1:3000/ui/panel after that we waited until the victim to open a web page that has been opened by us earlier. Once there is an open web pages that look at the existing beef page on your browser.
And the victim's browser will display a message like the following
after it entered the msfconsole, enter the module browse_autopown
after that do the configuration for your computer in a state of listening
pairs of payload that you will use, in this case say using JAVA payload and payload Win32
after installing the payload, is now further exploitation ketahap
page copy 127.0.0.1:8080 / j7hcbu3mdj8f on redireck existing frame on your beef, do not change the address 127.0.0.1 luan, into which your ip and press the execute button.
The above steps will lead toward our target metasploit that you set earlier.
The next stage,
The next stage,
Congratulations, Exploitation browser successfully
No comments:
Post a Comment