Archives

All posts for the month January, 2017

Hello aspiring hackers. There’s been a loooong (forgive the grammatical error) gap  in updating the blog. Well, blame it on 70% hectic schedule and 30% procrastination. But today we will see how to hack windows with HTA web server.

First things first. What is HTA web server? HTA stands for HTML application. So this server hosts a HTA file, which when opened will execute a payload via powershell. Ofcourse, the browser warns the user before executing the payload.

Now let’s see how this works. We will use this exploit to hack Windows 10. Start Metasploit and load the module as shown below.

Set the reverse meterpreter payload as it is a local exploit.

Type command “show options” to see the options we need to set for this exploit. Set the required options and type command “run” to start the exploit.

As you can see, it has generated an url. We need to make the victim click on this particular url for our exploit to work. We have already seen in our previous howto’s, how to make that happen. When the victim clicks on the url we sent him as shown below

the browser prompts a warning about the payload as shown below.

When the user ignores the user and clicks on “run”,  a meterpreter session is opened as shown below.

This session can be viewed and opened as shown below.