• We just launched and are currently in beta. Join us as we build and grow the community.

Hack Windows 10 System by Sending Link (HTA Attack)

ExFinity

Mangaka Apprentice
E
E Rep
0
0
0
Rep
0
E Vouches
0
0
0
Vouches
0
Posts
141
Likes
100
Bits
0
2 MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1 400 XP
Blue-Minimalist-Repetition-Simple-Presentation-1.png


Hey Folks, in this tutorial we are going to demonstrate a method through which we can remotely access any windows machine by sending a link. Originally we would use the HTA attack feature provided by the setoolkit tool, by which we could broadcast our payload via a direct link and we would have a meterpreter session when the victim would double click on that payload. If you want to know about HTA attack, you can read from below.

What is HTA Attack ?

The HTA Attack method will allow us to clone a site and perform powershell injection through HTA files which can be used for Windows-based powershell exploitation through the browser. It is a simple HTML application that can provide full access to the remote attacker. The usual file extension of an HTA is (.hta).

Let’s take a look 😛 !!

Social-Engineer Toolkit (SET)

Setookit already comes in kali linux and it is an automatic tool, designed to create a payload and performed advance attack. Simply we can boot this tool by using the following command. After opening the tool, press 1 and select the first option.

setoolkit1setoolkit

2-1.png


Now we will choose the second option and proceed.

3-1.png


The time has come to choose the attacks and now we will choose the seventh option to carry out the HTA attack.

4-1.png


Do not think too much and choose the second option because through this option we can clone any web page according to us.

5-1.png


Now give the name of the website that you want to make the victim viewable. After that, provide the localhost address of your machine along with any port number.

6-2.png


Done 😛 !! As you can see it setup everything itself, so we have to do nothing more than ourselves.

7-3.png


Execute the following command to obtain your localhost address as this localhost address will be sent to the victim.

ifconfig1ifconfig

8-2.png


Great 😛 !! As you know we cloned amazon’s web page, so the interface will look the same as the original amazon web page after opened the link on browser by the victim. But note that, a file has been downloaded at the bottom left.

Note : Make sure window defender should be disable.

9-2.png


Hmm 😛 !! Once the victim clicks on the downloaded file, a security warning immediately appears on the screen.

10-2.png


Amazing 😛 !! As soon as the victim allows that software to run then we get the meterpreter session without his/her knowledge.

11-2.png
About the AuthorShubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.
 
You must log in or register to reply here.

422,212

310,551

310,560

A Ahmad19979
Top