Let's fire up Kali and start Metasploit with the command:ĭepending upon the browser and its configuration, you might get several meterpreter sessions, you might get one like I did, or you might get none. The downside of autopwn is that it is very noisy and can lead to either detection by the target or crashing the browser, which happens often. Autopwn will first try to fingerprint the victim's browser, then "throw" at it whatever exploits it thinks might work. The beauty of autopwn is that it relieves you of some of the hard work of reconnaissance. ![]() Using a Java exploit when a Flash exploit is called for simply won't work and might land you behind bars. We should know the operating system, the applications, the browser, the version of Java and Flash, etc. Then, and only then, can we choose an appropriate exploit. Generally, when we are trying to hack a target, we want to know as much as possible about the target through reconnaissance. ![]() ![]() In this continuing series on Metasploit basics, let's next look at a module that many aspiring hackers find useful-autopwn.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |