Forum Thread: Any Way to Get a Metasploit Exploit Running on a Target Machine Without Them Having to Open a File ?

Hi I'm just wondering if the victim actually has to open an infected exe or word doc or whatever in order to get a metasploit exploit runninng on their machine or is there any other way to do it ?

Join the Next Reality AR Community

Get the latest in AR — delivered straight to your inbox.

4 Responses

I think the term your looking for is payload, not exploit.

Generating a payload is just one of many ways to own a victim. An exploit is designed to leverage a fault in a service or software, they can be used to execute payloads in the case of a buffer overflow or otherwise.

For more information you might want to see these.


No they don't. if you can find an exploit in their system to exploit remotely then you can get a meterpreter instance without them ever knowing.


Well, I'm just spitballing here, but you could try to stick the payload in some hard to reach place and copy a shortcut into the "shell:startup" folder (Hit Windows + R; type "shell:startup"; Hit Enter), and reboot the PC. The payload should run whenever the PC is rebooted.


isn't that basically creating a persistant backdoor? doesn't meterpreter have a command for that?

Share Your Thoughts

  • Hot
  • Active