Steps and Instructions -
Welcome to another tutorial from Hacking Monks.
Today we will be hacking WIN 10 machine with HTA attack.
HTA attack is a browser based attack which can be very handy sometimes. We will use SEToolkit and Metasploit to conduct this attack.
* Open a terminal and type in "setoolkit"
We will be choosing option 1
ie Social engineering attacks.
Then select 2
ie website attack vectors.
Then 8 for HTA attack vectors
It will ask for your IP address. To see your IP address open another terminal and type ifconfig.
Then it will ask for port number. Just hit enter and go with default port.
Another prompt tab will come. Go for the 3rd option.
Another option..... Select site cloner. ie 2nd option.
It will ask you to enter the URL of which website you want to clone. We will clone www.google.com
Then after some time, it will complete and automatically open Metasploit.
What we have done here is that we made a cloned website of goolge. When the target accesses this website, his browser will download a file (making the target go to that website will depend upon your skills).
When he runs the file we will get a session running.
The target has to just enter our IP address to access the Website.
I insist you guys watch the video tutorial.
Type in "sessions -i" to see if there is a session open.
Type in "sessions -i 1" to access the session.
When you get a session opened, you can do what ever you like.
For EX - take screenshots or get a shell on the target.
Thank you guys for so much views on Hacking Monks.
You may want to watch my other tutorials -