Well - I learned about Back-Track 4 yesterday, and I read up on a-lot of it (mostly based with the WEP/WPA/WPA2 wifi-based things) and i stumbled upon the SET article. Upon reading up on it - I wished to test out the whole Email w/ a bad link in it(Choice 2 when it's opened)

So I understand everything that has to happen - all but one part - the part where we use a port for the listener. (So I/whoever is doing/sending the link is the one who is the "listener") But where does this port come from?

And also - when i send the link where is the link derived from? ie: in this example, the person used the link http://192.168.X.XXX - is that MY IP(the "listeners")

And as for what happens when the person click's the link, how do i control that? like a sort of "on-demand" control. Would is be accessing the port i specified earlier to "listen"/"control" what happens (so i could be giving meterpreter commands.)

Example: I do all the things here and when the person clicks the link - I can hide the attack into explorer.exe or some other running process(sessions -i 1) and then i can hide it using migrate and the pid #.

Thanks everyone, I really want to test this out