Presentation is loading. Please wait.

Presentation is loading. Please wait.

Metasploit Project For this exploit I will be using the following strategy Create backdoor exe file Upload file to website Have victim computer download.

Published byHugh Lloyd Modified over 6 years ago

Similar presentations

Presentation on theme: "Metasploit Project For this exploit I will be using the following strategy Create backdoor exe file Upload file to website Have victim computer download."— Presentation transcript:

1 Metasploit Project For this exploit I will be using the following strategy Create backdoor exe file Upload file to website Have victim computer download file Obtain remote access and enumerate file system Tools used: Metasploit Framework Msfconsole Meterpreter Msfvenom Attacking Computer: Kali Linux Victim Computer: Windows 7 Home Premium

2 First we download the latest version of Putty..
We then add our payload to the exe file..once opened by the victim it will give us a meterpreter shell on their machine.

3 We now add our malicious file to the html file on our kali machine
We now add our malicious file to the html file on our kali machine..we will add the file to our website. The file will be downloaded when a user clicks the “Click Here…” link.

4 We set up a multi handler in msfconsole, this will launch our meterpreter shell on the victim’s machine when our malicious exe file is opened. Our exploit has succeeded and we have a shell on the victim’s machine..we run “ls” to enumerate the file system.

Download ppt "Metasploit Project For this exploit I will be using the following strategy Create backdoor exe file Upload file to website Have victim computer download."

Similar presentations

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 12, 2014 DRAFT1.
Enter the address as shown below in the address bar.

Enter the address as shown below in the address bar.
Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.

Part 2 Penetration Testing. Review 2-minute exercise: RECON ONLY Find 3x IP addresses at the U.S. Merchant Marine Academy Google: “U.S. Merchant Marine.
Armitage and Metasploit Penetration Testing Lab

Armitage and Metasploit Penetration Testing Lab
Offensive Security Part 1 Basics of Penetration Testing

Offensive Security Part 1 Basics of Penetration Testing
A Complete Tool For System Penetration Testing Presented By:- Mahesh Kumar Sharma B.Tech IV Year Computer Science Roll No. :- CS09047.

A Complete Tool For System Penetration Testing Presented By:- Mahesh Kumar Sharma B.Tech IV Year Computer Science Roll No. :- CS09047.
METASPLOIT.

METASPLOIT.
Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas.

Metasploit – Embedded PDF Exploit Presented by: Jesse Lucas.
Assessing Vulnerabilities ISA 4220 Server Systems Security James A. Edge Jr., CISSP, CISM, CISA, CPTE, MCSE Sr. Security Analyst Cincinnati Bell Technology.

Assessing Vulnerabilities ISA 4220 Server Systems Security James A. Edge Jr., CISSP, CISM, CISA, CPTE, MCSE Sr. Security Analyst Cincinnati Bell Technology.
MIS 5212.001 Week 3 Site:

MIS Week 3 Site:
Browser Exploitation Framework (BeEF) Lab

Browser Exploitation Framework (BeEF) Lab
CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Netcat.

CIT 380: Securing Computer SystemsSlide #1 CIT 380: Securing Computer Systems Netcat.
Dennis  Application Security Specialist  WhiteHat Security  Full-Time Student  University of Houston – Main Campus ▪ Computer.

Dennis  Application Security Specialist  WhiteHat Security  Full-Time Student  University of Houston – Main Campus ▪ Computer.
Introduction to InfoSec – Recitation 15 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)

Introduction to InfoSec – Recitation 15 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
MIS 5212.001 Week 2 Site:

MIS Week 2 Site:
EECS 354 Network Security Metasploit Features. Hacking on the Internet Vulnerabilities are always being discovered 0day vulnerabilities Every server or.

EECS 354 Network Security Metasploit Features. Hacking on the Internet Vulnerabilities are always being discovered 0day vulnerabilities Every server or.
——For running the Warehouse Mapper.. Download a VMware Workstation software. Website Link: detail/13808.html?qq- pf-to=pcqq.c2c.

——For running the Warehouse Mapper.. Download a VMware Workstation software. Website Link: detail/13808.html?qq- pf-to=pcqq.c2c.
WRF Domain Wizard A tool for the WRF Preprocessing System Jeff Smith Paula McCaslin July 17, 2008.

WRF Domain Wizard A tool for the WRF Preprocessing System Jeff Smith Paula McCaslin July 17, 2008.
Kali Linx Attacks Jim Nasto. Window 8 Computer On my Windows 8 64 bit OS machine. I started using a Virtual Machine using Hyper V Manager and shared the.

Kali Linx Attacks Jim Nasto. Window 8 Computer On my Windows 8 64 bit OS machine. I started using a Virtual Machine using Hyper V Manager and shared the.
Trojan Virus By Forbes and Mark. What is a Trojan virus Trojans are malicious programs that perform actions that have not been authorised by the user.

Trojan Virus By Forbes and Mark. What is a Trojan virus Trojans are malicious programs that perform actions that have not been authorised by the user.

Similar presentations

Ads by Google