Top
Search n00bz.net
  • South Florida Security Resources
    • HackMiami.org
      HackMiami is made up of information security professionals, hardware engineers, network administrators, students, and those who simply enjoy technology.
    • South Florida ISSA
      The Information Systems Security Association is, "the pre-eminent trusted global information security community".
  • PenTest Solutions
    • Rapid7 Metasploit Express
      Metasploit Express is an affordable, easy-to-use penetration testing solution that provides full network penetration testing capabilities, backed by the world’s largest, fully tested and integrated public database of exploits.
    • Core Impact PRO
      Core Impact is designed to evaluate the whole of the security in an office ecosystem. It allows the user to probe for and exploit security vulnerabilities in computer networks, endpoints and web applications.
« Social Engineering using Metasploit Express | Main | #MoSH Day 4 »
Wednesday
Sep152010

DLL Hijacking with Metasploit Express

DateWednesday, September 15, 2010 at 12:00PM

Step 1: Fire up Metasploit Express and load the Exploit module

The module you are looking for is WEBDAV Application DLL Hijacker.  It is currently in the 10 most recent disclosures as of September 14th 2010.

Step 2: Select your options.  Here we are going to exploit Powerpoint!  The module will create the file "HR.ppt" in the directory "TopSecret."  When you are done setting your options, launch the attack.

 

Metasploit Express launches the attack and provides you with a link to send your target.

Step 3: Have the Target open your file and watch as you get a session.

Step 4: Collect that Loot!

Step 5: Well the sky is the limit.  I personally like to kill off AV.

 

Authorn00bz Network | CommentPost a Comment | Reference5 References |
tagged , in

References (5)

References allow you to track sources for this article, as well as articles that were written in response to this article.
  • Response
    Response: clone website software
    by lfasoe at lafseo on July 2, 2014
    Unlike the typical hijackings of area vehicles or boats, skyjacking is not generally dedicated for burglary or robbery. Most air ship thieves propose to utilize the travelers as prisoners, either for fiscal payoff or for some political or regulatory concession by powers.
  • Response
    Response: health informatics careers
    by Uppy1931 at Uppy1931 on July 15, 2014
    Thank you for the information and advice they have helped me in a timely manner! It turns out the solution to my problem was right under my nose, I just did not see it!
  • Response
    Response: fish finder reviews
    at fish finder reviews on October 4, 2018
    DLL Hijacking with Metasploit
  • Response
    Response: fish finder reviews
    at portable fish finder on November 7, 2018
    DLL Hijacking with Metasploit
  • Response
    Response: best fish finder
    at fish finder reviews on November 11, 2018
    DLL Hijacking with Metasploit

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Notify me of follow-up comments via email.