E-mailing a Link to a Web Page that Runs BAP

Metasploit Pro offers a module called Browser Autopwn that you can use to fingerprint HTTP clients and automatically exploit them based on their browser type. This module automatically launches browser exploits against the human target’s machine until an exploit successfully compromises the system.
When you run Browser Autopwn, a web server starts on your local system to host a malicious site. When a human target visits the site, any applicable exploits are attempted, and if one is successful, a Meterpreter session starts and enables you to access the victim’s machine.
In traditional exploit use cases, an exploit is only successful if a target’s machine is vulnerable to it. If the vulnerability does not exist on their machine, you will need to try multiple attack vectors before you can successfully compromise their machine. This process can be time-consuming and potentially unrewarding, which is why you can use Browser Autopwn to automate the exploitation process.
The following section explains how to set up a web page that runs Browser Autopwn.
Task 1: Create a Campaign with a Web Page Component
1.) From within a project, select Campaigns from the Tasks bar. The Manage Campaigns page appears.
2.) Click the Configure a Campaign tab.
3.) In the Name field, enter a descriptive name for the campaign. For example, a name like Java Applet Exploit helps you easily identify this campaign as one that serves a Java applet.
4.) Select Custom Campaign as the setup option.
5.) Click the Add e-mail, web page, or portable file button.
6.) Click the Web page button.
Task 2: Configure the Web Page Component
1.) When the Web Page Configuration window appears, enter the URL you want to use to serve the web page in the Path field.
2.) Click the Attack type dropdown and choose Browser Autopwn.
3.) When the Configure Module window appears, it shows you the options that you can set for the module. You can click OK to accept the default configuration or you can customize any of the available options. If you need information on how each setting works, the Configure Module window provides short descriptions for each option.
4.) Click OK to close the Configure Module window when you are done.
5.) Click the Next button to continue to the Web Page Content window.
6.) When the Web Page Content window appears, you can leave the web page content blank. Since you are running Browser Autopwn, you do not necessarily need to create a spoofed web page.
7.) Click the Save button to save the web page component.
Task 3: Setting Up a Web Server
1.) From the Server Configurations area, click the Web Server button.
2.) When the Web Server Configuration window appears, choose one of the following options:
    This server’s IP address - Uses the IP address of the local machine.
    This server’s host name - Uses the host name of the local machine.
    Custom - Uses the domain name, if DNS is set up and is reachable by the Metasploit instance.
3.) In the Listening Port field, enter the port that you want to use to run the web server. You should specify a port that is typically used for HTTP traffic, such as 80 or 8080.
4.) Click Save to save the web server settings.
Task 4: Craft the E-mail
1.) From the campaign configuration page, click the Add email, web page, portable file button.
2.) Click the E-mail button.
3.) When the Configure E-mail Settings window appears, enter a name for the e-mail component in the Component name field. This is the name that displays for the component on the campaign configuration page.
4.)
    Subject - The subject that displays in the message header and the subject line.
    From Address - The sender’s e-mail address.
    From Name - The sender’s name.
5.) Click the Choose a Target List dropdown and choose a target list for the e-mail. The target list should contain the e-mail addresses and names of the human targets that you want to exploit.
6.) Click the Attack type dropdown and choose None.
7.) After you configure the e-mail settings, click Next to continue to the E-mail Content window.
8.) When the E-mail Content window appears, enter the body for the e-mail. The e-mail body is the message that displays to the human target when they open the e-mail.
9.) When you are ready to add a link to the web page to the e-mail, click the Insert custom attribute dropdown menu and choose the Link to Web Page attribute.
10.) When the Insert Campaign Link window appears, enter the text that you wish to display for the web page URL in the Text field.
11.) Next, click the Web Page dropdown menu and choose the web page that you want to link to the display text. Click Insert to add the link to the e-mail.
12.)
Task 5: Set Up SMTP Settings
Skip this step if you have configured the SMTP settings through the global settings. Metasploit Pro will use the global SMTP settings to automatically set up the e-mail server.
1.) From the Server Configurations area, click the E-mail Server button.
2.) When the Configure E-mail Server window appears, define the following fields:
    Host - The fully qualified mail server address (e.g., mail.domain.com).
    Port - The port that SMTP runs on. Typically, SMTP runs on port 25. If port 25 is blocked, try port 587.
    Username - The user name used to authenticate to the mail server.
    Password - The password used to authenticate to the mail server.
3.) Click the Save button to apply the e-mail server settings.
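Seen from the receiving side, an e-mail built as in Tasks 3 and 4 carries a link whose display text is chosen freely and whose target may be a bare IP address or a port such as 8080. The following Python code is an added example (not part of Metasploit Pro or of the original page) that a mail reviewer or blue team could use to flag those traits in an HTML e-mail body; the function names, reason labels and sample addresses are assumptions made for illustration.

```python
import ipaddress
import re
from contextlib import suppress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Display text that itself looks like a URL or host name.
SHOWN_HOST = re.compile(r"^(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

class _Anchors(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def link_reasons(href, text):
    """Reasons one link deserves review (empty list if none)."""
    try:
        url = urlsplit(href)
        host, port = (url.hostname or "").lower(), url.port
    except ValueError:  # malformed authority or port
        return ["unparseable-url"]
    reasons = []
    with suppress(ValueError):  # raised when host is not an IP literal
        ipaddress.ip_address(host)
        reasons.append("ip-literal-host")
    if port not in (None, 80, 443):
        reasons.append("nonstandard-port")
    shown = SHOWN_HOST.match(text)
    if shown and shown.group(1).lower() != host:
        reasons.append("text-href-mismatch")
    return reasons

def audit_links(html_body):
    """Return {href: [reasons]} for every flagged link in an HTML body."""
    parser = _Anchors()
    parser.feed(html_body)
    return {h: r for h, t in parser.links if (r := link_reasons(h, t))}

# Constructed sample; hosts and addresses are documentation placeholders.
SAMPLE = '<a href="http://192.0.2.10:8080/policy">https://intranet.example.com/policy</a>'
```

Calling `audit_links(SAMPLE)` reports all three reasons for the sample link; a link whose display text matches its real host on a default port produces no finding.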
Task 6: Sending the E-mail
1.) From the Manage Campaigns tab, find the campaign that you just created.
2.) If the campaign state is Launchable, click the Start button.
3.)