Sorry if this sounds a little "noobish". I'm familiar with Metasploit but only as far as the basics go.
I used this method with my PC, and I have modified the router to forward the port in order to use my local IP address to exploit the PCs outside my network.
I made a test and it works fine!!!
So now the question is how we can keep the connection alive when we are inside the remote pc?
I mean, in order to avoid the social engineering of asking them to connect with IE or Firefox every time, is it possible to upload software to the remote PC that can start the connection to mine whenever I like?
It will initiate the payload's second-stage downloader because you're initiating a valid connection to the server. Port 55555 is only for the payload to return back to you. SET by default uses port 80 to set up the fake website, so you would browse to http://ip instead, not http://ip:55555. If you need the SET web server to be on a different port, edit config/set_config and change WEB_PORT=80 to something different.
I hope that helps!
Hope that helps.
You can also use a persistent Meterpreter instance, where Meterpreter will connect back at specific intervals if the connection is lost. Check out Metasploit Unleashed - Mastering the Framework; it has some info on getting a persistent Meterpreter console. I also believe a Ruby script was created to help aid with this now.
Hope that helps!
Last edited by Archangel-Amael; 03-09-2010 at 11:36 PM.
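The interval-based reconnect described in the post above is also what gives it away on the wire: one host opening a connection to the same address and port at nearly fixed intervals. The following Python is an added example (not from this thread, SET or Metasploit) of flagging such beaconing in a constructed connection log; the log line format and the 10.1.1.7 / 203.0.113.10 addresses are assumptions made for the example.

```python
import re
import statistics
from collections import defaultdict
from datetime import datetime
# Constructed sample: outbound TCP connections as an egress firewall might log them.
# The line format is assumed for this example, not a real product's format.
SAMPLE_LOG = """\
2010-03-09T23:00:00 10.1.1.7 -> 203.0.113.10:55555
2010-03-09T23:00:12 10.1.1.7 -> 198.51.100.5:80
2010-03-09T23:05:01 10.1.1.7 -> 203.0.113.10:55555
2010-03-09T23:07:40 10.1.1.7 -> 198.51.100.5:80
2010-03-09T23:08:03 10.1.1.7 -> 198.51.100.5:80
2010-03-09T23:10:00 10.1.1.7 -> 203.0.113.10:55555
2010-03-09T23:15:02 10.1.1.7 -> 203.0.113.10:55555
2010-03-09T23:19:55 10.1.1.7 -> 198.51.100.5:80
2010-03-09T23:20:00 10.1.1.7 -> 203.0.113.10:55555
2010-03-09T23:25:01 10.1.1.7 -> 203.0.113.10:55555
"""
LINE_RE = re.compile(r"^(\S+) (\S+) -> (\S+):(\d+)$")

def parse_log(text):
    """Group connection timestamps by (src, dst, port); skip malformed lines."""
    flows = defaultdict(list)
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts, src, dst, port = m.groups()
            flows[(src, dst, int(port))].append(datetime.fromisoformat(ts))
    return flows

def find_beacons(flows, min_conns=4, max_jitter=0.1):
    """Flag flows whose gaps between connections are nearly constant.
    Jitter is stdev/mean of the gaps: a fixed-interval callback scores near 0,
    human browsing to one site does not. Returns {key: (count, mean gap s, jitter)}."""
    beacons = {}
    for key, times in flows.items():
        if len(times) < min_conns:
            continue
        times = sorted(times)
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        jitter = statistics.pstdev(gaps) / mean if mean > 0 else 0.0
        if jitter <= max_jitter:
            beacons[key] = (len(times), mean, jitter)
    return beacons

if __name__ == "__main__":
    for key, (n, mean, jitter) in find_beacons(parse_log(SAMPLE_LOG)).items():
        print(f"{key}: {n} connections every ~{mean:.0f}s (jitter {jitter:.3f})")
```

In the sample, only the 55555 flow is reported (six connections roughly 300 s apart); the port-80 browsing to the other host has irregular gaps and is left alone.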
First off, thanks for this great tutorial pureh@te. I have followed this and have managed to create a cloned site and send an e-mail to my victim laptop (XP SP3); I click the link and the Java applet is loaded. I want to try and take this a step further. I have now opened up ettercap, selected both my victim machine and my router, and then ran ARP poisoning. I have also configured my dns.spoof (* A 10.1.1.3) to redirect everything to my cloned site. This works, but then the Java applet does not load. Any ideas on how to fix this?
Many thanks in advance.
Over a WAN this obviously won't work. Is there a way this can be changed?
It will work fine, you need to add your public IP when creating the fake site.
Ok I got it. I had to go into the SET config and disable auto detect IP.